balance-einloggen.anmeldeseiten.de Open in urlscan Pro
2606:4700:3035::ac43:acf9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://balance-einloggen.anmeldeseiten.de/
Submission: On December 28 via api (December 28th 2023, 3:28:05 am UTC) from US — Scanned from US

Summary HTTP 68 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 10 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3035::ac43:acf9, located in United States and belongs to CLOUDFLARENET, US. The main domain is balance-einloggen.anmeldeseiten.de.
TLS certificate: Issued by GTS CA 1P5 on December 26th 2023. Valid for: 3 months.

This is the only time balance-einloggen.anmeldeseiten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3035::ac43:acf9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2	3.86.169.251 3.86.169.251	14618 (AMAZON-AES) (AMAZON-AES)
2 2	207.198.113.93 207.198.113.93	13768 (COGECO-PEER1) (COGECO-PEER1)
1	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
3	98.98.134.246 98.98.134.246	21859 (ZEN-ECN) (ZEN-ECN)
1	142.251.167.149 142.251.167.149	15169 (GOOGLE) (GOOGLE)
11	2400:52e0:1a0... 2400:52e0:1a00::940:1	200325 (BUNNYCDN) (BUNNYCDN)
2	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1	3.162.3.121 3.162.3.121	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b01:3851:4f93:66e2:747e	16509 (AMAZON-02) (AMAZON-02)
3	44.210.43.240 44.210.43.240	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::68	15169 (GOOGLE) (GOOGLE)
68	18

11 2606:4700:3035::ac43:acf9 (United States)

ASN13335 (CLOUDFLARENET, US)

balance-einloggen.anmeldeseiten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
anmeldeseiten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.86.169.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-169-251.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.93 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 98.98.134.246 (United States)

ASN21859 (ZEN-ECN, US)

wins-eu.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
viewability-events-z1n.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.149 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2400:52e0:1a00::940:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

live-tag.creatopy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-121.yul62.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b01:3851:4f93:66e2:747e (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.210.43.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-43-240.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	293 KB
11	creatopy.net live-tag.creatopy.net — Cisco Umbrella Rank: 50841	275 KB
11	anmeldeseiten.de balance-einloggen.anmeldeseiten.de anmeldeseiten.de	113 KB
7	adrta.com q.adrta.com — Cisco Umbrella Rank: 3100 pix.adrta.com — Cisco Umbrella Rank: 3864 ipv6.adrta.com — Cisco Umbrella Rank: 3324 adrta.com — Cisco Umbrella Rank: 2159	14 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	46 KB
5	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 681 wins-eu.sitescout.com — Cisco Umbrella Rank: 34245 viewability-events-z1n.sitescout.com — Cisco Umbrella Rank: 90892	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	160 KB
2	gstatic.com fonts.gstatic.com	56 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
68	10

	Domain	Requested by
15	pagead2.googlesyndication.com	balance-einloggen.anmeldeseiten.de pagead2.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	live-tag.creatopy.net	ad.doubleclick.net live-tag.creatopy.net
10	anmeldeseiten.de	balance-einloggen.anmeldeseiten.de
5	tpc.googlesyndication.com	balance-einloggen.anmeldeseiten.de pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.googletagservices.com	balance-einloggen.anmeldeseiten.de www.googletagservices.com googleads.g.doubleclick.net
3	adrta.com	pix.adrta.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	viewability-events-z1n.sitescout.com	pix.adrta.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	pixel-sync.sitescout.com	2 redirects
2	q.adrta.com	balance-einloggen.anmeldeseiten.de q.adrta.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	balance-einloggen.anmeldeseiten.de
1	www.google.com	tpc.googlesyndication.com
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	ad.doubleclick.net	www.googletagservices.com
1	wins-eu.sitescout.com	balance-einloggen.anmeldeseiten.de
1	cm.g.doubleclick.net	googleads.g.doubleclick.net
1	balance-einloggen.anmeldeseiten.de
68	20

This site contains links to these domains. Also see Links.

Domain
anmeldeseiten.de
math-einloggen.anmeldeseiten.de
hire-einloggen.anmeldeseiten.de
indian-einloggen.anmeldeseiten.de
public-einloggen.anmeldeseiten.de
carefirst-einloggen.anmeldeseiten.de
epay-einloggen.anmeldeseiten.de
courier-einloggen.anmeldeseiten.de
innovation-einloggen.anmeldeseiten.de
leipzig-einloggen.anmeldeseiten.de
tafe-einloggen.anmeldeseiten.de
jcpenney-einloggen.anmeldeseiten.de
central-einloggen.anmeldeseiten.de
internet-einloggen.anmeldeseiten.de
einloggen-andern.anmeldeseiten.de
dell-einloggen.anmeldeseiten.de
georgia-einloggen.anmeldeseiten.de
aida-einloggen.anmeldeseiten.de
usc-einloggen.anmeldeseiten.de
alliance-einloggen.anmeldeseiten.de
adp-payroll-einloggen.anmeldeseiten.de

Subject Issuer	Validity	Valid
anmeldeseiten.de GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adrta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-07` - `2024-07-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
live-tag.creatopy.net R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://balance-einloggen.anmeldeseiten.de/
Frame ID: 422DF0B29FB9AA5A31934D8AC0E00297
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 441F1AF8F724D95E367968AAF5470F6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5390417171572549&output=html&adk=1812271804&adf=3025194257&lmt=1703734080&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703734080690&bpp=3&bdt=223&idt=260&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1694945546733&frm=20&pv=2&ga_vid=282119312.1703734081&ga_sid=1703734081&ga_hid=642590029&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809005%2C95320885&oid=2&pvsid=588354363459583&tmod=1568926982&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=285
Frame ID: FA306A3EDF93A74F453732B3D001B2E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 964FED8122A285FA611B61C1D10994DB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 9B6B8C464A5232E6456A8E3DD281C4F7
Requests: 25 HTTP requests in this frame

Frame: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Frame ID: 5E07F5F41FFB621C0A3D39894A8478C5
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEB99C5C646CF79F91C35DE8E41F42EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFA8706E340AA067D331FBF77AC2A866
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Balance einloggen Seiten

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Page Statistics

68
Requests

99 %
HTTPS

56 %
IPv6

10
Domains

20
Subdomains

18
IPs

1
Countries

961 kB
Transfer

2582 kB
Size

10
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://anmeldeseiten.de/contact.php
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://anmeldeseiten.de/privacy.php
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://anmeldeseiten.de/terms.php
Title: Bedingungen

Search URL Search Domain Scan URL

URL: https://math-einloggen.anmeldeseiten.de/math-whizz-einloggen.php
Title: Math whizz einloggen

Search URL Search Domain Scan URL

URL: https://hire-einloggen.anmeldeseiten.de/unemployment-hire-einloggen.php
Title: Unemployment hire einloggen

Search URL Search Domain Scan URL

URL: https://indian-einloggen.anmeldeseiten.de/indian-lpg-einloggen.php
Title: Indian lpg einloggen

Search URL Search Domain Scan URL

URL: https://public-einloggen.anmeldeseiten.de/eeoc-public-portal-einloggen.php
Title: Eeoc public portal einloggen

Search URL Search Domain Scan URL

URL: https://carefirst-einloggen.anmeldeseiten.de/carefirst-blue-cross-einloggen.php
Title: Carefirst blue cross einloggen

Search URL Search Domain Scan URL

URL: https://epay-einloggen.anmeldeseiten.de/army-blueforce-epay-einloggen.php
Title: Army blueforce epay einloggen

Search URL Search Domain Scan URL

URL: https://courier-einloggen.anmeldeseiten.de/dtdc-courier-einloggen.php
Title: Dtdc courier einloggen

Search URL Search Domain Scan URL

URL: https://innovation-einloggen.anmeldeseiten.de/thomson-innovation-einloggen.php
Title: Thomson innovation einloggen

Search URL Search Domain Scan URL

URL: https://leipzig-einloggen.anmeldeseiten.de/alte-leipziger-einloggen.php
Title: Alte leipziger einloggen

Search URL Search Domain Scan URL

URL: https://tafe-einloggen.anmeldeseiten.de/south-metro-tafe-einloggen.php
Title: South metro tafe einloggen

Search URL Search Domain Scan URL

URL: https://jcpenney-einloggen.anmeldeseiten.de/jcpenney-charge-einloggen.php
Title: Jcpenney charge einloggen

Search URL Search Domain Scan URL

URL: https://central-einloggen.anmeldeseiten.de/asi-central-einloggen.php
Title: Asi central einloggen

Search URL Search Domain Scan URL

URL: https://internet-einloggen.anmeldeseiten.de/sulzbach-taunus-internet-einloggen.php
Title: Sulzbach taunus internet einloggen

Search URL Search Domain Scan URL

URL: https://einloggen-andern.anmeldeseiten.de/dhl-packstation-einloggen-andern.php
Title: Dhl packstation einloggen ändern

Search URL Search Domain Scan URL

URL: https://dell-einloggen.anmeldeseiten.de/dell-portal-einloggen.php
Title: Dell portal einloggen

Search URL Search Domain Scan URL

URL: https://georgia-einloggen.anmeldeseiten.de/employ-georgia-staff-einloggen.php
Title: Employ georgia staff einloggen

Search URL Search Domain Scan URL

URL: https://aida-einloggen.anmeldeseiten.de/aida-reisen-einloggen.php
Title: Aida reisen einloggen

Search URL Search Domain Scan URL

URL: https://usc-einloggen.anmeldeseiten.de/usc-canvas-einloggen.php
Title: Usc canvas einloggen

Search URL Search Domain Scan URL

URL: https://alliance-einloggen.anmeldeseiten.de/greater-alliance-einloggen.php
Title: Greater alliance einloggen

Search URL Search Domain Scan URL

URL: https://adp-payroll-einloggen.anmeldeseiten.de/adp-payroll-einloggen-in.php
Title: Adp payroll einloggen in

Search URL Search Domain Scan URL

URL: https://anmeldeseiten.de/
Title: anmeldeseiten.de

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3ynZYl6IRHytViMFET3SxGWM60E

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
balance-einloggen.anmeldeseiten.de/ 24 KB
4 KB 234ms
153ms Document
text/html 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd9a01ee431f4605324091ee2b00747b480d538a2192138b2f7814b3dcff6e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83c6b5f1fead4bd8-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 03:28:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vt%2B%2F5NQVaxZME2jPaSn%2Bk7K8rGYEP26F4zwWtIMwkWbca6qFOJv4fuhm%2B0yZkQ3NKQ4slvMNPzlWeVYh6Iy%2BYVGlqeS820cg3pJ0%2FASdEOIm2oU%2FsbjGXqYjlQVHVD47%2BJvMg%2FZsFvvemJcpIu58tz2Ya1LFdsXHiXVeaBaG8EE0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 123ms
52ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400&display=swap

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c7311ebb10229427e5fe935be398404b0987e175a4c9a8bd8b265e309a96e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 01:39:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 03:28:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
858 B 112ms
43ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7a86a9621a308806cc57f007b64b986abe9855118fd651766c2ca66d35e2e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 02:58:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 03:28:00 GMT

GET
H2 200 bootstrap.min.css
anmeldeseiten.de/css/ 152 KB
24 KB 43ms
41ms Stylesheet
text/css 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/css/bootstrap.min.css
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 189157
etag: W/"6453ea2a-25fef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hl3SCVquVAWNH%2FZ6fM%2Ff4V0oYXTobVJN%2BfUEOim2YpC9tyr18wbIpVWs%2F3VWSp63gw6jdTQDejxfdhX%2FRVgwMB%2F9D4n8U3kdiEYsRwZc6uzqAa1UoRrbekd2L3teBsZYbeb8CgZ5YxjYg9XsjkVZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 83c6b5f2ff0c4bd8-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-all.min.css
anmeldeseiten.de/css/ 58 KB
13 KB 41ms
39ms Stylesheet
text/css 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/css/fontawesome-all.min.css
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 189157
etag: W/"6453ea2a-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTO0IRacBAlE4%2BxFkv5UhZMOT79Vi8GY4tE7OB%2B1fGVsv0XGuOJGhgbuYjxRhDniyXbbLLFvFbb2nDWmQ6iCc6XA0M3Z066DngZyIcDSTFXY%2FVIMqe0utpmoU64SLBrOwMGdCaQBVXK4CMb%2BA0Oe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 83c6b5f2ff0d4bd8-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.css
anmeldeseiten.de/css/ 19 KB
4 KB 39ms
38ms Stylesheet
text/css 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/css/swiper.css
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26974c9f92ebd6561a23074c38e07b70a5ea3016e3c8b52c5d584bfe15a0cce5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189157
cf-polished: origSize=22256
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 May 2023 17:23:54 GMT
server: cloudflare
etag: W/"6453ea2a-56f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lownXihGExPHuD3qrFZ5SXIL6g6WeOQ0BEZ1CCYtGSPD%2FWYfJbQS76%2FOBx4Yvb28m4saXL7PnsdqUErBj%2F83FpdwFKLBv7ls83%2BS9hTOKaACAP8O7L2TIKBGez8vVuBLH02CZXAm955tW6b4GH5W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 83c6b5f2ff0a4bd8-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
anmeldeseiten.de/css/ 16 KB
4 KB 45ms
44ms Stylesheet
text/css 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/css/styles.css
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd6cea93b7e690d85f408b45b51c3f9e6777ffeca8883bacdf556301e18d7803

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189157
cf-polished: origSize=24632
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 May 2023 17:23:54 GMT
server: cloudflare
etag: W/"6453ea2a-6038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p36347Yiit5KvxUhqq%2BxJyTjfmjo5qDNsFZABsGczbM8JlP%2BbGzFLrsz3M757zmFAEap0C8qHi3wRNMFiUtIYboDzlwaDGdqyIgWOcSWC%2B7LKdtVr78frEecHB3E921OCE6jwwgbxnAm6c0%2BOZe1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 83c6b5f2ff0f4bd8-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 129ms
60ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5390417171572549

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fb82bec372ee6aeb725a9329824253785dbc855ac536281d142bd3521440a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://balance-einloggen.anmeldeseiten.de/
Origin: https://balance-einloggen.anmeldeseiten.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51265
x-xss-protection: 0
server: cafe
etag: 12466245319383252569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 03:28:00 GMT

GET
H2 200 up-arrow.png
anmeldeseiten.de/images/ 1 KB
1 KB 41ms
40ms Image
image/png 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anmeldeseiten.de/images/up-arrow.png
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3b5cdfaae6d3974469d92d84fec58b492843aa8655f626a6aadc495dc0222f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189157
alt-svc: h3=":443"; ma=86400
content-length: 1130
last-modified: Thu, 04 Jan 2018 20:25:56 GMT
server: cloudflare
etag: "5a4e8dd4-46a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuFsMTujGnMEOrLNNNQWuzNOK%2BpzQQMVEy6vB5B19JpltVfPXqsbdGDoFlmdZlcKmaVsLrf8zIsI4k9RWB95eDYXn7XYzEERLvAxheh5l8HIT5fdD3OKaiHB56aGK%2BEJSEU45ymee1%2FtBWBw8wOY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 83c6b5f2ff104bd8-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
anmeldeseiten.de/js/ 59 KB
17 KB 44ms
43ms Script
application/javascript 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/js/bootstrap.min.js
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 189157
etag: W/"6453ea2a-eabb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf%2F2%2FYHDrx05PV65b3fiL%2BQznm0Ol7GYYpL5hmH8OFgSe9PRFm4hmcP61a3WwnK9FffCwJZJXLUy0a8Umg8vN9uardf3cSb1dCZ0J3yE%2B8Frk0kgYyEFRpNTxnfA7NgEVeGE7Pqc4ODGknIjbQ3J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 83c6b5f2ff114bd8-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.min.js Show response
anmeldeseiten.de/js/ 123 KB
33 KB 46ms
40ms Script
application/javascript 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/js/swiper.min.js
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 765d1654297c8d730165fbe731eca09c1d3e6efaa9e7006aaa567c5a2f7994ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 189157
etag: W/"6453ea2a-1eab1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqwZkmv5BFQzSxuhbp8Gdfis5J0QXJdim2FpNtXY3u8kyHC%2B03l8pMbIH40zg936jHJlStNu36lZb6Lo62MsiJ1iNEnNI%2FJj6LZJng1nIRO4XSuhbMRBN1dljSsan8L3omu3z6oNYyfAJvh%2FIzMD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 83c6b5f33f264bd8-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 purecounter.min.js Show response
anmeldeseiten.de/js/ 5 KB
2 KB 40ms
37ms Script
application/javascript 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/js/purecounter.min.js
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 411f765db1fac5fc9ad8684376b7f05bed4340e7619711f1dad18ea4a1031d63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 189157
etag: W/"6453ea2a-1408"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqARvq2MCR%2Bh%2F%2BSGr%2FXYBt8ZQTbVOen5NJ95plVQmX8mvX1cZ3b0C4DDlLqFCfi7Cp6nyu6%2BH4J7Mi5wkaZphrGDMx4hYSux6lTjGs4dTuplkrbDpeLb6HSo7FuT68ATVbqKvYdOUPiBaUr8KBmZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 83c6b5f33f274bd8-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isotope.pkgd.min.js Show response
anmeldeseiten.de/js/ 35 KB
10 KB 41ms
39ms Script
application/javascript 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/js/isotope.pkgd.min.js
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 189157
etag: W/"6453ea2a-8a75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBF3s4cwv12l4j%2FoilOBOYNT39iyKKsFDOVoxtnS%2F9YuPWDxFT8vkFwTWH2oU59oy%2FNh1OOQt1uw61s%2BWjYo8q390V%2FffGtk7mT13fT5P%2FhVGYSiJlDnDh179l0mgYCfC81%2FgDAoyziepFEuwEiv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 83c6b5f33f294bd8-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
anmeldeseiten.de/js/ 3 KB
1 KB 41ms
38ms Script
application/javascript 2606:4700:3035::ac43:acf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://anmeldeseiten.de/js/scripts.js
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:acf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed75888e2d3b9e767b51d4b8f19316e2bbeee9e291538dabf8379ca6770883da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189157
cf-polished: origSize=4192
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 May 2023 17:23:54 GMT
server: cloudflare
etag: W/"6453ea2a-1060"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnEYCcqG1eOV5FKiq7oC%2B4VnA3%2Fl%2By33i6HBn5ZoAVTbz288naH6kKD4kbNOSiIOC2gQKXhCkGy%2FFdCLiKA6f6n2BhMWA32snIS07vpX6%2FBTmRz6vFvWnLp9zVooRpEbCXNQezx%2FymS9N5JyvO9P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 83c6b5f33f2b4bd8-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 105ms
34ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://balance-einloggen.anmeldeseiten.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:35:37 GMT
x-content-type-options: nosniff
age: 60743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 10:35:37 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 142ms
71ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://balance-einloggen.anmeldeseiten.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 04:28:54 GMT
x-content-type-options: nosniff
age: 82746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 04:28:54 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 166ms
99ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5390417171572549

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 10942279955400410868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 03:28:00 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 441F 9 KB
4 KB 102ms
33ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5390417171572549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://balance-einloggen.anmeldeseiten.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 82131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 04:39:09 GMT
etag: 12700215250743596434
expires: Wed, 10 Jan 2024 04:39:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 99ms
49ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C44759837%2C44809005

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 98ms
48ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=overlay_settings_from_ppabg&p_s=false&eid=44759876%2C44759927%2C44759837%2C44809005

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C44759837%2C44809005

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA30 76 KB
21 KB 639ms
638ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5390417171572549&output=html&adk=1812271804&adf=3025194257&lmt=1703734080&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703734080690&bpp=3&bdt=223&idt=260&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1694945546733&frm=20&pv=2&ga_vid=282119312.1703734081&ga_sid=1703734081&ga_hid=642590029&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809005%2C95320885&oid=2&pvsid=588354363459583&tmod=1568926982&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=285

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77827f279eec5b441343433d7de39ba58cb84318caa7bde2d66ad00e5550786b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://balance-einloggen.anmeldeseiten.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21582
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 03:28:01 GMT
expires: Thu, 28 Dec 2023 03:28:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=navbar&cls=navbar%20navbar-expand-lg%20fixed-top%20navbar-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 72ms
72ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a6b2c1529ddd2c94dedbab714904c9118bb024074e8e3631cfac08aae411d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55995
x-xss-protection: 0
server: cafe
etag: 10331459701325958533
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 03:28:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759876%2C44759927%2C44759837%2C44809005%2C95320885

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 964F 9 KB
4 KB 34ms
34ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://balance-einloggen.anmeldeseiten.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 9733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 00:45:48 GMT
etag: 12700215250743596434
expires: Thu, 11 Jan 2024 00:45:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9B6B 18 KB
8 KB 107ms
35ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:58:27 GMT

GET
H2 200 aa.js Show response
q.adrta.com/ Frame 9B6B 887 B
1 KB 143ms
43ms Script
application/javascript 3.86.169.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/aa.js?cb=1703734081146
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.169.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-169-251.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 52f157f95f7c579dad1160e95c30d9b1aa668c9ca755221ced872017a7ce0c29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 03:28:01 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9B6B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3ynZYl6IRHytViMFET3SxGWM60E

170 B
409 B

126ms
49ms

Image
image/png

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3ynZYl6IRHytViMFET3SxGWM60E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:01 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3ynZYl6IRHytViMFET3SxGWM60E
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9B6B 3 KB
1 KB 107ms
37ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 06:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 06:56:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9B6B 20 KB
9 KB 103ms
33ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 12:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 12:42:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B6B 203 KB
65 KB 166ms
96ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 03:28:01 GMT

GET
H2 200 aid:658ceb41dcf9b3d206c90008;cid:2688390;arid:114248;c:ZYzrQQAA5Z8JHVk7AAn4JjR0S6XUFLwxQc8d0A;bexp:1800;uih:07fb3a20
wins-eu.sitescout.com/adx/px/ Frame 9B6B 43 B
267 B 309ms
100ms Image
image/gif 98.98.134.246
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins-eu.sitescout.com/adx/px/aid:658ceb41dcf9b3d206c90008;cid:2688390;arid:114248;c:ZYzrQQAA5Z8JHVk7AAn4JjR0S6XUFLwxQc8d0A;bexp:1800;uih:07fb3a20
Requested by: Host: balance-einloggen.anmeldeseiten.de
URL: https://balance-einloggen.anmeldeseiten.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.246 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:01 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 9B6B 59 KB
23 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 17:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 17:28:53 GMT

GET
H2 200 B30689863.378604814;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=521865847;ord=16c0pb;click1=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLK... Show response
ad.doubleclick.net/ddm/adj/N708113.3027484BASISDSP/ Frame 9B6B 38 KB
16 KB 141ms
69ms Script
text/javascript 142.251.167.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N708113.3027484BASISDSP/B30689863.378604814;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=521865847;ord=16c0pb;click1=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%2526client%253Dca-pub-5390417171572549%2526adurl%253Dhttps%25253A%25252F%25252Fclickserv.sitescout.com%25252Fclk%25252F2a6bd62967366bb4%25252F3277fe8fc0ab194c%25252F658ceb41dcf9b3d206c90008%25252F0%25253Fr%25253D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F$0;xdt=1;crlt=hQgvt_jLWR;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f149.1e100.net

Software

cafe /

Resource Hash

b01b9be77af2cd5b08ce50ae484e21cb018b3b5ba7af59fe38795d51a60cf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15928
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
live-tag.creatopy.net/embed/ Frame 9B6B 1 KB
1 KB 110ms
30ms Script
application/javascript 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/embed/embed.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N708113.3027484BASISDSP/B30689863.378604814;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=521865847;ord=16c0pb;click1=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%2526client%253Dca-pub-5390417171572549%2526adurl%253Dhttps%25253A%25252F%25252Fclickserv.sitescout.com%25252Fclk%25252F2a6bd62967366bb4%25252F3277fe8fc0ab194c%25252F658ceb41dcf9b3d206c90008%25252F0%25253Fr%25253D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F$0;xdt=1;crlt=hQgvt_jLWR;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 88476b1b10048da2c012b748d4464c18c8f3b4a771db0a28397490865371a046

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: gzip
via: 1.1 613fc2ce2843d97a87bffbdb759c82a4.cloudfront.net (CloudFront)
x-amz-version-id: OmVeChtALvVCk3U9V0YUcjX7M28sJDo0
cdn-edgestorageid: 718
x-amz-cf-pop: ORD52-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cdn-cachedat: 12/01/2023 05:19:50
cdn-pullzone: 863157
last-modified: Fri, 10 Nov 2023 12:45:47 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6e6671b3a561f909984f7d39fc4f96ef"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: max-age=2629800
cdn-requestid: 7358af00af2a30a77b7a3a8dc5c5dec8
cdn-requestcountrycode: US
x-amz-cf-id: NnxVoIXKxPHDK9HFjSaBmoO5ljJXi9qixwZoiMBz1tqNzc_UuYC2mA==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 9B6B 11 KB
4 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N708113.3027484BASISDSP/B30689863.378604814;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=521865847;ord=16c0pb;click1=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%2526client%253Dca-pub-5390417171572549%2526adurl%253Dhttps%25253A%25252F%25252Fclickserv.sitescout.com%25252Fclk%25252F2a6bd62967366bb4%25252F3277fe8fc0ab194c%25252F658ceb41dcf9b3d206c90008%25252F0%25253Fr%25253D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F$0;xdt=1;crlt=hQgvt_jLWR;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 11:42:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:42:57 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9B6B 0
0 126ms
52ms Fetch
image/gif 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs&sai=AMfl-YQibBlzfqnxj8564w1tbRVxq8PFiz21PUnRfgVSCSvd0HvqTb9GBPflg8PFsikeIg7JnoKMw1NVafjyNeoYj5B6I8C9lHkxtqQnkA&sig=Cg0ArKJSzFa9JFd8ZLXXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231207.86892&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/ Frame 5E07 21 KB
5 KB 71ms
71ms Document
text/html 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/embed/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: d4a45dbb386f542743753329c627a2e454b4ee7f4f00f3ce5dbc7898ae863905

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
cdn-cache: MISS
cdn-cachedat: 12/28/2023 03:28:02
cdn-edgestorageid: 871
cdn-proxyver: 1.04
cdn-pullzone: 863157
cdn-requestcountrycode: US
cdn-requestid: 11c45df0c35796e7214502241b26f61b
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
content-encoding: gzip
content-length: 4532
content-type: text/html
date: Thu, 28 Dec 2023 03:28:02 GMT
last-modified: Mon, 30 Oct 2023 15:03:53 GMT
server: BunnyCDN-IL1-940
vary: Accept-Encoding
via: 1.1 9750fb05bdbea09766e7d3b62ad12c44.cloudfront.net (CloudFront)
x-amz-cf-id: gPTVgiuPw--etVcxQ0MnAO92T5wm-4RVIo5iaj3EB7edN110DrZlbQ==
x-amz-cf-pop: ORD52-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: TrhBZAQJLz460gOzj6uSlFIKduEGNVFU
x-cache: RefreshHit from cloudfront

GET
H2 200 r.js Show response
q.adrta.com/ Frame 9B6B 109 B
314 B 45ms
44ms Script
application/javascript 3.86.169.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/r.js?v=23.000&rcb=659595&cb=1703734081146
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1703734081146
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.169.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-169-251.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a1650361663e276cad5af7375495e8f5c1abedb9669aebe01417870225eb0144

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B6B 203 KB
64 KB 36ms
36ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 03:28:02 GMT

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame 9B6B 33 KB
12 KB 108ms
31ms Script
application/javascript 3.162.3.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=23.000
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1703734081146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-121.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: o8Dqn2fSaANd7t63xhmbtoZe_cmSJAMf
content-encoding: gzip
via: 1.1 07e5e07e8e5ea126f260c9aec11f0d3a.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 03:09:28 GMT
last-modified: Sat, 28 Oct 2023 05:29:11 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 1115
x-amz-server-side-encryption: AES256
etag: W/"82b6743c32bc1214117ff9c6593e4ac5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6hJTcP-jcngcJin6Pybi29AMN5tp47wMLXAnHSlRR2ZmiZTLBAuatQ==

GET
H2 200 bcea7c0941b34f90c935f3bee72c5e7b.js Show response
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/ Frame 5E07 143 KB
42 KB 42ms
42ms Script
text/javascript 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/bcea7c0941b34f90c935f3bee72c5e7b.js
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 664454c6ba9db6da629e516503c7ad742500cdac9421bd95e78463758e19189d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: gzip
via: 1.1 7b891ba5ffaf08dd209adf67026190da.cloudfront.net (CloudFront)
x-amz-version-id: lS.5OtrdU2Wpt0KdxL1b.7JASGJVQDMj
cdn-edgestorageid: 1070
x-amz-cf-pop: ORD52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 11/28/2023 21:13:54
cdn-pullzone: 863157
last-modified: Mon, 30 Oct 2023 15:03:53 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "66771a00761a1e7e816efff5cff1b478"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: af23d24c0c284e34bc560e80e995477b
cdn-requestcountrycode: US
x-amz-cf-id: J7nAvt6FBS8o51Y4mf8lMbPwCXMsFE-u53sJinUl9_pXlnPvp9yUYg==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 stats-queue Show response
live-tag.creatopy.net/520783917495/ Frame 5E07 378 B
688 B 83ms
82ms XHR
text/xml 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/520783917495/stats-queue?Action=SendMessage&MessageBody=%7B%22h%22%3A%225ennyg8%22%2C%22t%22%3A%22v%22%2C%22uv%22%3A%221703734082381_5ennyg8_0cc82c8ac61bd3%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22r%22%3A%22https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1%22%2C%22tz%22%3A600%2C%22jv%22%3A%2262R2DwRve67BYJdlrVdlr1DU1Vw.FXbn%22%2C%22n%22%3A8%2C%22cb%22%3A1703734082383%7D
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/bcea7c0941b34f90c935f3bee72c5e7b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 772ddace8497d10a17bc890302df85b4e31ad8b8c9e40a92a798d1bb5e478ed4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: gzip
cdn-edgestorageid: 1029
x-amzn-requestid: 7ee392f0-855d-5106-9ba2-ccf668dff6d7
cdn-cachedat: 12/28/2023 03:28:02
cdn-pullzone: 863157
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/xml
cdn-cache: MISS
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 0f304f136023d3ae1a76002aa42164db
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 b2358c42a2a8cbaf76f3b711c408d373.png
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/ Frame 5E07 12 KB
13 KB 32ms
31ms Image
image/png 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/b2358c42a2a8cbaf76f3b711c408d373.png
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 2895436cffcc57ce44d22ebf96e8826ee650854e3b554a92dad975ebd14150c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
via: 1.1 be9e8198c11c3aefc38245bb41391566.cloudfront.net (CloudFront)
x-amz-version-id: Xg0tsSbax7KbcOUWUZ.yNv9FkCoOpFrl
cdn-edgestorageid: 1070
x-amz-cf-pop: ORD52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 11/23/2023 01:38:40
cdn-pullzone: 863157
content-length: 12313
last-modified: Mon, 30 Oct 2023 15:03:53 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 2cba62b3db545764540b4c232e34dc7b
accept-ranges: bytes
cdn-requestcountrycode: US
x-amz-cf-id: 5T-Rxjvvgo2Of84PyoB3MipJ8-qhFDDF6iDJvtzXsQgcntrVaOdyNA==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 d497918404be09d54d435245557d6124.png
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/ Frame 5E07 904 B
1 KB 36ms
35ms Image
image/png 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/d497918404be09d54d435245557d6124.png
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 2148b4cf5cf6982aff372a64342f1d342c1c2b651aed795f0340fe86ed572ab2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
via: 1.1 4bdafa47b50e31f3589b552c7df31ad8.cloudfront.net (CloudFront)
x-amz-version-id: iavvnvlpsXXxpffHPZb_HlWYhkK9ORag
cdn-edgestorageid: 1070
x-amz-cf-pop: ORD58-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cdn-cachedat: 10/27/2023 22:05:25
cdn-pullzone: 863157
content-length: 904
last-modified: Thu, 19 Oct 2023 18:36:55 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: dc2c35c8cd2811e533bf3f5e0e3d2d09
accept-ranges: bytes
cdn-requestcountrycode: US
x-amz-cf-id: nWpkqmrXN6Alvzv3O9LXHHA8JcKnqFBcyPBG8oMSSUf4PyylwBg28Q==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8f4ff25869151876b53e4dde76fec824.svg
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/ Frame 5E07 3 KB
2 KB 35ms
34ms Image
image/svg+xml 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/8f4ff25869151876b53e4dde76fec824.svg
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: c2ae08032c53298a5f10fdc982f1a88aa06bbdc18c1e7a9d86300e457ee0eb33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
via: 1.1 1bc8b41b2ed9cf32d0eba23fa9af49b2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-version-id: d3201N.Baf7t7ipIgCZCBA62aarOP5T2
cdn-edgestorageid: 894
x-amz-cf-pop: ORD52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 12/25/2023 00:50:42
cdn-pullzone: 863157
last-modified: Mon, 30 Oct 2023 15:03:53 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 206
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 901e5937a921463d376df35438ef6568
cdn-requestcountrycode: US
x-amz-cf-id: wdstACMEulLX8RkRyaDtEAPLlzWfDuBF6UhA7o6ojavIXvGRjYytEg==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 iberpangea_text_700_normal.ttf
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/fonts/ Frame 5E07 173 KB
99 KB 63ms
62ms Font
application/x-font-ttf 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/fonts/iberpangea_text_700_normal.ttf
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: d743a337a4e7986877f0aee0a8d285d58efe9210e152f22218686078998181e7

Request headers

Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Origin: https://live-tag.creatopy.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
via: 1.1 0f3132031dd05e0319d8c6588e395eec.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-version-id: ajYedQFdjMgMxrguWAs1x.f0WAQYOm5U
cdn-edgestorageid: 1029
x-amz-cf-pop: ORD58-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 10/30/2023 14:00:41
cdn-pullzone: 863157
last-modified: Thu, 19 Oct 2023 18:36:55 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 206
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/x-font-ttf
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
access-control-max-age: 3000
cdn-requestid: 7b3a7f2f79392b0ced13e117e66f3d99
cdn-requestcountrycode: US
cdn-status: 200
x-amz-cf-id: KUXkKoURByHT5XP66B4dNU6jRkEyt6FPb3xBoTr6SJbFALdZaNW4Uw==
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 iberpangea_text_300_normal.ttf
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/fonts/ Frame 5E07 167 KB
96 KB 35ms
35ms Font
application/x-font-ttf 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/fonts/iberpangea_text_300_normal.ttf
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 6c882e3684d73356faa2ebe34cf2db2f55c43cfa90ef126566bc5a34682a8b3c

Request headers

Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
Origin: https://live-tag.creatopy.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
via: 1.1 1385d7982831de93d1706949eb3a9f82.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-version-id: OHMBfwRyjWcEIb2S17ZWmmtno0fDVWFm
cdn-edgestorageid: 1069
x-amz-cf-pop: ORD58-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 10/27/2023 22:05:25
cdn-pullzone: 863157
last-modified: Thu, 19 Oct 2023 18:36:55 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 206
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/x-font-ttf
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
access-control-max-age: 3000
cdn-requestid: 08782f6afffc1fc92f857c6745575dba
cdn-requestcountrycode: US
cdn-status: 200
x-amz-cf-id: elOXF8fyVnUIUSPfTnAhGvRmMgUqzpPoF3qbXWQoqhAcLp2tExka-g==
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 / Show response
ipv6.adrta.com/ Frame 9B6B 130 B
245 B 247ms
81ms Script
text/javascript 2600:1f14:b4f:4b01:3851:4f93:66e2:747e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.adrta.com/?callback=_1703734082397

Requested by

Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:b4f:4b01:3851:4f93:66e2:747e Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2803726781e2855c675b335502fe559a54e7448706bcdd1a5b31cb2f5e54674a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
content-type: text/javascript; charset=utf-8

GET
H2 200 i Show response
adrta.com/ Frame 9B6B 143 B
271 B 141ms
44ms Script
text/javascript 44.210.43.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=55641096&__aasv=23.001&__aaii=13692837438625556756&__aait=1703734082246&__aavz=600&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=8&__aahd=%7B%22chrome%22%3A1%7D&__aaax=0&__aaay=0&__aasz=160x600&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1703734081146&__aaxf=96.9.246.196%2C%2010.1.1.173&__aaci=ss&paid=ss&avid=114248&caid=2688390&publisherId=pub-5390417171572549&kv5=1&plid=7161750&segment=27093&kv4=2602%3Affc8%3A2%3A%3A&kv14=&kv1=160x600&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=658ceb41dcf9b3d206c90008&kv3=&kv55=1.0,1!google.com,pub-5390417171572549,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&kv2=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1&__aapr=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de&__aatu=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.43.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-43-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8d55c92d4e506194720429912e813967a864bb854465ee9c2ca9e179c360adcc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Thu, 28 Dec 2023 03:28:02 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 aid:658ceb41dcf9b3d206c90008;cid:2688390;iid:2;ts:1703734081146;vwmc:1;vwc:0 Show response
viewability-events-z1n.sitescout.com/viewability/ Frame 9B6B 0
347 B 103ms
101ms Script
text/plain 98.98.134.246
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://viewability-events-z1n.sitescout.com/viewability/aid:658ceb41dcf9b3d206c90008;cid:2688390;iid:2;ts:1703734081146;vwmc:1;vwc:0
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.246 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:02 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9B6B 0
0 52ms
51ms Fetch
image/gif 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs&sai=AMfl-YQibBlzfqnxj8564w1tbRVxq8PFiz21PUnRfgVSCSvd0HvqTb9GBPflg8PFsikeIg7JnoKMw1NVafjyNeoYj5B6I8C9lHkxtqQnkA&sig=Cg0ArKJSzFa9JFd8ZLXXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=534&vt=11&dtpt=532&dett=4&cstd=0&cisv=r20231207.86892&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
53ms XHR
application/json 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fe29f379dbb12cb36002d3bba4d78d7554f9d289d53d2e1d9d9595d3f5504ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12406
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9B6B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b09353fdadbc441ec45af93e1f38bb49cb824080c12adfc00e57a9d15f9f4da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b2358c42a2a8cbaf76f3b711c408d373.png
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/ Frame 5E07 12 KB
13 KB 44ms
42ms Image
image/png 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/b2358c42a2a8cbaf76f3b711c408d373.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 2895436cffcc57ce44d22ebf96e8826ee650854e3b554a92dad975ebd14150c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
via: 1.1 be9e8198c11c3aefc38245bb41391566.cloudfront.net (CloudFront)
x-amz-version-id: Xg0tsSbax7KbcOUWUZ.yNv9FkCoOpFrl
cdn-edgestorageid: 1070
x-amz-cf-pop: ORD52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 11/23/2023 01:38:40
cdn-pullzone: 863157
content-length: 12313
last-modified: Mon, 30 Oct 2023 15:03:53 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 65eb04cafda01dcbf2c79c352fbea0fc
accept-ranges: bytes
cdn-requestcountrycode: US
x-amz-cf-id: 5T-Rxjvvgo2Of84PyoB3MipJ8-qhFDDF6iDJvtzXsQgcntrVaOdyNA==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 d497918404be09d54d435245557d6124.png
live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/ Frame 5E07 904 B
1 KB 44ms
43ms Image
image/png 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/media/d497918404be09d54d435245557d6124.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 2148b4cf5cf6982aff372a64342f1d342c1c2b651aed795f0340fe86ed572ab2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://live-tag.creatopy.net/designs/5ennyg8/embed/dcm_google_c_m/index.html?hash=5ennyg8&width=160&height=600&t=1703734082223&userId=954860&network=DCM_GOOGLE_C_M&type=html5&clickTag=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzY_Sz_I0al6J1Yfbbpnz8CzcAFC2_PuAYAbEEEOULU-Y-9pYTKer3DJ-zy6EdJb8nkAtyRSnE-z5AuEPcKDkSbTo6dkd_vYiplNmsCLEjsHgUAyG28vzXFntXvZkMPYqwXUs1F5zX3oEU9NbmTPEoiBGmoQQuueY8c6zKn1PjHKPCfkpj-PHr8geTuBlNEKs%26sai%3DAMfl-YQABM3RHJ3T81MWh-SjsPIs7mHrkPzS70zC2LjrjXIwyKRwEI5PhHHiPDerFlr5igT7sKyH1LQ0_odiHeLmBPUPiVJ_eRGSV4NH7Q%26sig%3DCg0ArKJSzAuQ256Du1TYEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%25253Fsa%25253DL%252526ai%25253DCSvJdQeuMZZ_LA7uy9fgPpvCn4AeFmLKwbOuE_rCnEMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTUzOTA0MTcxNzE1NzI1NDnIAQmoAwHIAwKqBIYCT9DmU4feEfFoNLEeuIQaNLQ1JHhk15bGiQBwEVOPL10jqvIDG9X1Ocvf10RCkKTLZYSFrUiLpaOaOaCBYOoNmc7C-dphjjTi7lTbfFQ15Xqrza3xHF-03G55fyWGv4eRBt6uw4xOXvgH6zMXtkUb9WA9H7DQGHdM-3A2AWJMn4jAxWWzcyOacdW4vSv8oP25v8mUdYxldw9YF_AR7bQzTnGjPRw_WOwYsYoj0tTgHtPRdSqIu2p4LrVfRkQp-jWNMSdOIPAnROhkKJ23pQgPX6JQAVpQkkYJfGNxtrh6zrOWfGn1yvIHEHAaHZ_nvvn834aUfv9DK6-U0dpBCEDkNo__II6GwoAG9JeD_KO-iN1qoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNrJwoWYsYMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2lsdUpe_H0KptkOgu5vvh6C131jg%252526client%25253Dca-pub-5390417171572549%252526adurl%25253Dhttps%2525253A%2525252F%2525252Fclickserv.sitescout.com%2525252Fclk%2525252F2a6bd62967366bb4%2525252F3277fe8fc0ab194c%2525252F658ceb41dcf9b3d206c90008%2525252F0%2525253Fr%2525253Dhttps%3A%2F%2Fnyseg.chooseev.com%2Fabout%2F%25253Futm_campaign%25253D2023_avangrid_nyseg_consumer%252526utm_source%25253Dbasis%252526utm_medium%25253Dds_display%252526utm_content%25253D2023_avangrid_nyseg_consumer_bs_display_18778_evaware_01_nyseg_ba_l&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
via: 1.1 4bdafa47b50e31f3589b552c7df31ad8.cloudfront.net (CloudFront)
x-amz-version-id: iavvnvlpsXXxpffHPZb_HlWYhkK9ORag
cdn-edgestorageid: 1070
x-amz-cf-pop: ORD58-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cdn-cachedat: 10/27/2023 22:05:25
cdn-pullzone: 863157
content-length: 904
last-modified: Thu, 19 Oct 2023 18:36:55 GMT
server: BunnyCDN-IL1-940
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: c99c910996c66a1d371a6b911dd1a766
accept-ranges: bytes
cdn-requestcountrycode: US
x-amz-cf-id: nWpkqmrXN6Alvzv3O9LXHHA8JcKnqFBcyPBG8oMSSUf4PyylwBg28Q==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 i Show response
adrta.com/ Frame 9B6B 15 B
172 B 44ms
44ms Script
text/javascript 44.210.43.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=63258032&__aasv=23.001&__aaii=13692837438625556756&__aait=1703734082246&__aasi=4328129233082264393&__aast=1703734081902&__aavi=2773695503437376895&__aavt=1703734081902&__aavz=600&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=8&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=282&__aacd=1&__aaax=0&__aaay=0&__aasz=160x600&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=0&__aaas=304&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1703734081146&__aaxf=96.9.246.196%2C%2010.1.1.173&__aas21=2602%3Affc8%3A2%3A104%3A%3A14&__aas23=2602%3Affc8%3A2%3A104%3A%3A14%2C%2010.2.1.217&__aaci=ss&paid=ss&avid=114248&caid=2688390&publisherId=pub-5390417171572549&kv5=1&plid=7161750&segment=27093&kv4=2602%3Affc8%3A2%3A%3A&kv14=&kv1=160x600&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=658ceb41dcf9b3d206c90008&kv3=&kv55=1.0,1!google.com,pub-5390417171572549,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&kv2=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1&__aapr=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de&__aatu=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.43.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-43-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Thu, 28 Dec 2023 03:28:02 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:28:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EEB9 13 KB
5 KB 35ms
33ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://balance-einloggen.anmeldeseiten.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 5128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 02:02:34 GMT
expires: Fri, 27 Dec 2024 02:02:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CFA8 829 B
1 KB 116ms
48ms Document
text/html 2607:f8b0:4004:c1d::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3ca101acc130e04e2f46386a2b5be394d3ca1882ad799086580acc8fdaaef80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SKVNnSjwX2wg_to2pSQWHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://balance-einloggen.anmeldeseiten.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SKVNnSjwX2wg_to2pSQWHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 03:28:02 GMT
expires: Thu, 28 Dec 2023 03:28:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EEB9 39 KB
15 KB 40ms
35ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 23:05:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CFA8 0
0 49ms
48ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=588354363459583&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EEB9 0
10 B 38ms
34ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6YtgQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:28:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=588354363459583&bg=!39yl3JPNAAY3kmNgF5I7ADQBe5WfONGOK3PHMMDoYzVzi5YNsDWhWpiZ9ZIy2DS-Zo91-oDK49TfPwHTAANK9ejC-1d0AgAAAGNSAAAAA2gBB5kDIJG1eaKHTAnYUVHrJyL8rNA88vbUbyUj-QkoJ8Ie_Sigu0n5IXtgFXFpTad_JH0iroIZEhKcd2Kk3KFliPL6PlM0ezxgazntC6I9aMiyEgTe4P_t4KWNMomoBE9eZd4lru9OjrIPHHez42oU6tMNspqW2CsTx6ZPLMn4S2LRJ7xWPdaU9pYqevsc68ZYtEN66p_vgAOFl0NHW8DKf3vPMkUlvX_1Y2b7T1TkDMmOlNVeXTA5T7CPE2gQ0PO5b0Nh4T1H-5bjR7Ta6N4h-WmhUH0An7QAIfdiwx49PKGTK0o-EtDYx3SPPgXbioc1CzoYaS2f3oZX-3WI3icQylOEICbm8lk1h-anchBnIzXYUmdzuZLUyoJwDOWC1u-Vn_xRGkvMhpC5OXMWg4_bBdSPkcp26f_AjMFtv-e3Orwu4TUmWNjxGtzyk_jHQJdTY1LhS__FdFifEpC3ZX3qvYfN-rb_jGNkE8iA0ZKR_SWd3COKyZ-tqxsMTSqSFlyKkto6OIRfgy2ktgXK-BFikmharddDGjO4O0xJdBgI47tcbzWHAv4x2VdTFZV4H54DbLIs_phSd8o-qFIMfn_J6rPf8lV0gBMNX1csoXVWYcRJKBhNWRJQh1S0vJxVI9wihZON5RFAkclhWR4C1sBgEhaWrfE9ILRkUjueiNDuGj9CejaYsOVUlvB0mURhKzO6YLQf0jFH266WDcAJPEUMP0GXIvyukifjR3-Vx3x0cHUbnVbRJpVMxaliX-O4kxvki6lPnNT2ANHwTGRAYrmXY9RGwQyk9d_n0toFtixA4_6PrBaPMSlDM-6RfoBtcX-fvCDVUjB54KA3dULamTdk_HfTF2D2qJYOIq2ruaoLoR3q1IQSaejD4U5ZAIDsjJJC5SdDKlFmabigd5YqytqnkcpRHZ3Cr3sHFxVpbxuFcbviZ4sVIZjH4IHUUMtTjIf7D6-Im--cy--TuZwB0nURrZ3WvH7I-Cr79VBni4fPqd6XdLVOTYX9Md1um6kUcDU2iVpLq7jsfKAhf2AYLubzi_tCSI16u2Rdi2SpH4G--eCo5yyb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance-einloggen.anmeldeseiten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B6B 42 B
64 B 50ms
50ms Fetch
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstg0UnNXBed8g1VdyvkE-M3Mvjfg3kecrjc2zEm40Ow0VyHv4pCaA9ZrkSwTg8-9khRJP1Y6uV_neSKXie3ec8AOw71ypCpe5CUG6Cmb0etp1TvRk_klPbVaU3U&sig=Cg0ArKJSzHpe3BWo8CZYEAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=32&adk=521865847&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703734081767&rpt=884&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B6B 42 B
64 B 50ms
50ms Fetch
image/gif 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusf_kSW9vmmT77xiqHamEQPy9huyKXkUPHNtStoH9owBOZuCDIWlXVuhFBw0C2iywHxZUvC42Wr7I7-uEtd-fb2kJkPFWo9SnF2LvYjaCprjFqCCMKZLu9&sig=Cg0ArKJSzFnI8kHKffpPEAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703734081767&rpt=882&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
adrta.com/ Frame 9B6B 15 B
172 B 45ms
44ms Script
text/javascript 44.210.43.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=35553345&__aasv=23.001&__aaii=13692837438625556756&__aait=1703734082246&__aasi=4328129233082264393&__aast=1703734081902&__aavi=2773695503437376895&__aavt=1703734081902&__aavz=600&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=8&__aahd=%7B%22chrome%22%3A1%7D&__aarf=7&__aart=282&__aacd=1&__aaax=0&__aaay=0&__aasz=160x600&__aapf=1&__aaec=4&__aaup=3&__aaat=0&__aaae=0&__aaav=1&__aaas=1016&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1703734081146&__aaxf=96.9.246.196%2C%2010.1.1.173&__aas21=2602%3Affc8%3A2%3A104%3A%3A14&__aas23=2602%3Affc8%3A2%3A104%3A%3A14%2C%2010.2.1.217&__aaci=ss&paid=ss&avid=114248&caid=2688390&publisherId=pub-5390417171572549&kv5=1&plid=7161750&segment=27093&kv4=2602%3Affc8%3A2%3A%3A&kv14=&kv1=160x600&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=658ceb41dcf9b3d206c90008&kv3=&kv55=1.0,1!google.com,pub-5390417171572549,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&kv2=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de%2F&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-5390417171572549%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1&__aapr=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de&__aatu=https%3A%2F%2Fbalance-einloggen.anmeldeseiten.de
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.43.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-43-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Thu, 28 Dec 2023 03:28:03 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 aid:658ceb41dcf9b3d206c90008;cid:2688390;iid:2;ts:1703734081146;vwmc:1;vwc:1 Show response
viewability-events-z1n.sitescout.com/viewability/ Frame 9B6B 0
347 B 101ms
100ms Script
text/plain 98.98.134.246
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://viewability-events-z1n.sitescout.com/viewability/aid:658ceb41dcf9b3d206c90008;cid:2688390;iid:2;ts:1703734081146;vwmc:1;vwc:1
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.246 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 03:28:02 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sitescout.com/	1970-01-21 02:01:10	Name: ssi Value: df29d962-5e88-447c-ad56-2305113dd2c4#1703734081871
.adrta.com/	1970-01-21 02:51:34	Name: __aavi Value: 2773695503437376895
.adrta.com/	1970-01-21 02:51:34	Name: __aavt Value: 1703734081902
.adrta.com/	1969-12-31 23:59:59	Name: __aasi Value: 4328129233082264393
.adrta.com/	1969-12-31 23:59:59	Name: __aast Value: 1703734081902
.sitescout.com/	1970-01-20 17:58:46	Name: _ssuma Value: eyI2OCI6MTcwMzczNDA4MTg5OX0
.doubleclick.net/	1970-01-20 21:34:46	Name: APC Value: AfxxVi6APFl1epE-LDqOrFEuRU_23cq3e_qBaDw34t2QqH4Yu5AvEg
.doubleclick.net/	1970-01-21 02:51:34	Name: IDE Value: AHWqTUnUbt5t1pC1Oan1zB75_Qb4vj-r5oamAjtZsPkJcNOy6clekJGUgKXqMONEOog
.anmeldeseiten.de/	1970-01-21 02:37:10	Name: __gads Value: ID=3947ca8ff541136d:T=1703734081:RT=1703734081:S=ALNI_MY30UTcizlSR37rr4xlBq7rJW-5tQ
.anmeldeseiten.de/	1970-01-21 02:37:10	Name: __gpi Value: UID=00000dae89c52dae:T=1703734081:RT=1703734081:S=ALNI_MbKOOV_7t1TCTFGZDeUS5Y3R4_H2g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adrta.com
anmeldeseiten.de
balance-einloggen.anmeldeseiten.de
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ipv6.adrta.com
live-tag.creatopy.net
pagead2.googlesyndication.com
pix.adrta.com
pixel-sync.sitescout.com
q.adrta.com
tpc.googlesyndication.com
viewability-events-z1n.sitescout.com
wins-eu.sitescout.com
www.google.com
www.googletagservices.com
142.251.167.149
172.253.115.155
172.253.63.154
207.198.113.93
2400:52e0:1a00::940:1
2600:1f14:b4f:4b01:3851:4f93:66e2:747e
2606:4700:3035::ac43:acf9
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::84
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c1d::68
3.162.3.121
3.86.169.251
44.210.43.240
98.98.134.246
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
2148b4cf5cf6982aff372a64342f1d342c1c2b651aed795f0340fe86ed572ab2
26974c9f92ebd6561a23074c38e07b70a5ea3016e3c8b52c5d584bfe15a0cce5
2803726781e2855c675b335502fe559a54e7448706bcdd1a5b31cb2f5e54674a
2895436cffcc57ce44d22ebf96e8826ee650854e3b554a92dad975ebd14150c9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3fe29f379dbb12cb36002d3bba4d78d7554f9d289d53d2e1d9d9595d3f5504ee
411f765db1fac5fc9ad8684376b7f05bed4340e7619711f1dad18ea4a1031d63
52f157f95f7c579dad1160e95c30d9b1aa668c9ca755221ced872017a7ce0c29
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5e3b5cdfaae6d3974469d92d84fec58b492843aa8655f626a6aadc495dc0222f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
664454c6ba9db6da629e516503c7ad742500cdac9421bd95e78463758e19189d
6c882e3684d73356faa2ebe34cf2db2f55c43cfa90ef126566bc5a34682a8b3c
6fb82bec372ee6aeb725a9329824253785dbc855ac536281d142bd3521440a4b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
765d1654297c8d730165fbe731eca09c1d3e6efaa9e7006aaa567c5a2f7994ba
772ddace8497d10a17bc890302df85b4e31ad8b8c9e40a92a798d1bb5e478ed4
77827f279eec5b441343433d7de39ba58cb84318caa7bde2d66ad00e5550786b
77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9
7a6b2c1529ddd2c94dedbab714904c9118bb024074e8e3631cfac08aae411d75
7c7311ebb10229427e5fe935be398404b0987e175a4c9a8bd8b265e309a96e05
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
88476b1b10048da2c012b748d4464c18c8f3b4a771db0a28397490865371a046
8b09353fdadbc441ec45af93e1f38bb49cb824080c12adfc00e57a9d15f9f4da
8d55c92d4e506194720429912e813967a864bb854465ee9c2ca9e179c360adcc
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1650361663e276cad5af7375495e8f5c1abedb9669aebe01417870225eb0144
b01b9be77af2cd5b08ce50ae484e21cb018b3b5ba7af59fe38795d51a60cf5f5
bbd9a01ee431f4605324091ee2b00747b480d538a2192138b2f7814b3dcff6e3
c2ae08032c53298a5f10fdc982f1a88aa06bbdc18c1e7a9d86300e457ee0eb33
c3ca101acc130e04e2f46386a2b5be394d3ca1882ad799086580acc8fdaaef80
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b
cd6cea93b7e690d85f408b45b51c3f9e6777ffeca8883bacdf556301e18d7803
d4a45dbb386f542743753329c627a2e454b4ee7f4f00f3ce5dbc7898ae863905
d743a337a4e7986877f0aee0a8d285d58efe9210e152f22218686078998181e7
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a86a9621a308806cc57f007b64b986abe9855118fd651766c2ca66d35e2e2b
ed75888e2d3b9e767b51d4b8f19316e2bbeee9e291538dabf8379ca6770883da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

balance-einloggen.anmeldeseiten.de Open in urlscan Pro 2606:4700:3035::ac43:acf9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

99 %HTTPS

56 %IPv6

10 Domains

20 Subdomains

18 IPs

1 Countries

961 kBTransfer

2582 kBSize

10 Cookies

24 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

balance-einloggen.anmeldeseiten.de Open in urlscan Pro
2606:4700:3035::ac43:acf9 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

56 %
IPv6

10
Domains

20
Subdomains

18
IPs

1
Countries

961 kB
Transfer

2582 kB
Size

10
Cookies

68 HTTP transactions
1 data transactions