krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://absensi.bella-skin.de/
Effective URL:
https://krank.de/produktcheck/bella-skin/
Submission Tags: phishingrod
Submission: On February 23 via api (February 23rd 2023, 7:45:09 pm UTC) from DE — Scanned from DE

Summary HTTP 206 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 38 domains to perform 206 HTTP transactions. The main IP is 35.204.103.237, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is krank.de.
TLS certificate: Issued by R3 on February 8th 2023. Valid for: 3 months.

This is the only time krank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	62.116.173.69 62.116.173.69	15456 (INTERNETX-AS) (INTERNETX-AS)
13	35.204.103.237 35.204.103.237	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
6	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee	16509 (AMAZON-02) (AMAZON-02)
2 21	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3 3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
2 4	46.228.164.11 46.228.164.11	() ()
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:f325:981e:6456:70dc	() ()
1 1	2600:9000:223... 2600:9000:223f:1800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	52.59.64.86 52.59.64.86	16509 (AMAZON-02) (AMAZON-02)
9	2a02:2638:3::3 2a02:2638:3::3	() ()
1	178.250.1.6 178.250.1.6	() ()
8	2a02:2638:3::f 2a02:2638:3::f	() ()
1	2a02:2638:3::1a 2a02:2638:3::1a	() ()
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	() ()
206	35

1 62.116.173.69 (Germany) 1 redirects

ASN15456 (INTERNETX-AS, DE)
PTR: lb-2.avenso.net

absensi.bella-skin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.204.103.237 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: word1.hyro.ag

krank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80a::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.72 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

at.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Castricum, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (None, ) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:f325:981e:6456:70dc (None, )

ASN- ()

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:1800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.64.86 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-64-86.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (None, )

ASN- ()

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::f (None, )

ASN- ()

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (None, )

ASN- ()

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	574 KB
39	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	204 KB
18	criteo.net static.criteo.net pix.eu.criteo.net csm.eu.criteo.net	132 KB
16	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	257 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 2640 adservice.google.com — Cisco Umbrella Rank: 73	122 KB
13	krank.de krank.de	774 KB
10	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3705	32 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	339 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	5 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 778 syndication.twitter.com — Cisco Umbrella Rank: 1135	149 KB
4	turn.com 2 redirects ad.turn.com r.turn.com	2 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	2 KB
3	fbcdn.net static.xx.fbcdn.net	134 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13386 ads.eu.criteo.com — Cisco Umbrella Rank: 8414 cat.nl3.eu.criteo.com	56 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947	820 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
2	facebook.com www.facebook.com	32 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292	793 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 377	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 589	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	956 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 510	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4426	651 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1865	574 B
2	bahn.de at.bahn.de — Cisco Umbrella Rank: 70376	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	89 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 712	339 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 701	443 B
1	innovid.com ag.innovid.com	298 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398	587 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	460 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 34240	613 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 654	465 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957	576 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	602 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	81 KB
1	bella-skin.de 1 redirects absensi.bella-skin.de	98 B
206	38

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net krank.de pagead2.googlesyndication.com tpc.googlesyndication.com
21	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net krank.de
20	pagead2.googlesyndication.com	krank.de pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com krank.de googleads.g.doubleclick.net
13	krank.de	krank.de
10	static.addtoany.com	krank.de static.addtoany.com
9	static.criteo.net	ads.eu.criteo.com static.criteo.net
9	www.google.com	2 redirects www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	pix.eu.criteo.net	ads.eu.criteo.com
8	www.gstatic.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
4	platform.twitter.com	static.addtoany.com platform.twitter.com
3	static.xx.fbcdn.net	www.facebook.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ups.analytics.yahoo.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	www.facebook.com	connect.facebook.net
2	match.360yield.com	2 redirects
2	secure.adnxs.com	2 redirects
2	ap.lijit.com	2 redirects
2	r.turn.com	krank.de
2	ad.turn.com	2 redirects
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	at.bahn.de	krank.de
2	syndication.twitter.com	platform.twitter.com krank.de
2	connect.facebook.net	static.addtoany.com connect.facebook.net
2	www.google-analytics.com	krank.de www.google-analytics.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	onetag-sys.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cse.google.com	krank.de
1	www.googletagmanager.com	krank.de
1	absensi.bella-skin.de	1 redirects
206	55

This site contains links to these domains. Also see Links.

Domain
www.bella-skin.de
bit.ly
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.addtoany.com

Subject Issuer	Validity	Valid
krank.de R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
at.bahn.de GeoTrust TLS RSA CA G1	`2022-12-14` - `2024-01-07`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://krank.de/produktcheck/bella-skin/
Frame ID: 1096569E170385571B807D4F26B3908A
Requests: 49 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: E935A01633FDB6A85803015022D2E1C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 308335B862B611E5C0029D932C1593EF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fkrank.de
Frame ID: 5B25212DB4B338A184EDB420F939029F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1677181495&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181495342&bpp=2&bdt=423&idt=208&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3966111149926&frm=20&pv=2&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=255
Frame ID: 5CA7F74CAEAF71DF0AA29A63F81BF755
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 3D4C02830015FD84A5D7A6E871B5918C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90
Frame ID: 04E747278D64F0B2F9321A1B2F83D40C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151
Frame ID: 43DB118ED186585723B7A8788417CAEC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.11~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=7&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wT5iLDr0ii&p=https%3A//krank.de&dtd=156
Frame ID: 3CC10243006BB36B69678E919E178E3A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4E19F6378EC8CDFE50E0E11509E86042
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 88FA2E1451D4BD5BE97A4198641FF52A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 40603A42823917D96B3A53F4ECD74B47
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: EE1B70166FD3564AA6A60F5CC1DE54C2
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1BC63942B3B5407D600104C5123CBE67
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6207A0474034C6EC9EA9BAB7510AD3A2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: 2FE2D3E816D46D5FE61B30CE50E182F3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: 7CA83B744F55971819890BB0BB0FC5EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: AC3C5B5933B8A2D79FAF1F2E9A67D8D6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: E03E54456EF00AC49D0BDB1EAFD2E3C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_fCOQAHrmwKGa0GAA85rCDReB3imEu-ZaC9PQ&u=%7C85dmtuBpoHSmtxH%2FamWMEwmRma7QsBZCE%2B6xZD9FT8c%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkOg_Kg37ZGQdbt5vRA2sT_ct2CutcC4WC6WVR2U1OXhK6VjfaqojvnImcrbivc7hQG-qdP74FDEjMACkAHW34YGfu2DCq06Tx8PxIzkbZRxNPb20awVCLoa2pPaJEwIs-CmCaEb1H9T74jhzuJjsVrWX0g1EUy4QsbsLZ6AzFUEH8X5zJ6O3pR9z9n_W3hkZfmAcLKU-ltTAvheay62bToITEBn0juqMlmmqqO-vxV7mgXvvKw47RefCTilKeLq1uBCp2WoKKzB1YJjHZj4RltKjXvLlvwNhZXeBTT1htmxoiFmkmI-vvW3-T4kqX_7Cagd1RU8HuSnWuVnBPJVauqR1jkXiBfPjenYhokcEBdBSWwEt9R3PXE72x-v6Z4aZ-YHrF7yL2HL0DomJdSvb4TKu1h7DP5zzB9EZqrRFJN7vuTMEp3sLcxNl449xztHzL3CVaqploHZfFzzOwoDHbIb5OpPxkAwzq2sCQ9MGq-Bp3BDDIqdTJRnrDiHspHp9-MSBKSLtcq2trTTN1cXBzANri46Z0AH4noef6tzXrQliEMA3-numesYxxO_rwXS80w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiPIhOcL3Y-zcHobaZqzzvPAMyZ7SsVz1kd6-sQHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzE3NjMyMzIzNDQwNTYzOcgBCakCDqtjOsnLsT6oAwGqBNABT9Di4pvUruL4fZ2A1N_aiQy1oe4Q5HxAYNNBkXhyi5VsfJIJN57hWzN2UFj2f1VLZcOlHbXip9VxqGBH8jcjZUc3aHkn8m8ujrpWSPqTUqClgM4NBiUvOP0cGNOpMYtC4BCkU6CLvRGBtjV5ftVx2e8PoA0H4g2PYuO0F-opABE_B7W_YHOMOdGnGTbDsOgEEo2W9QwDOwmKGzt9ZWrlQryclfEHYgjG65fiQYOszzTtqGxLF-1ka7PRcXCeWSlw4M7PG0WnPSRNPzTI7mo4JIAGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Zv1PGBs9fdOFaVXnGJPzlsw3eYQ%26client%3Dca-pub-7176323234405639%26adurl%3D
Frame ID: D606C8CC5055D6BD9429C88ADB06E098
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 48C8032BE7FF31A8F499600B7BAC22FD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 56F57792452E593AA23FAF7DDD29BA1F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 87AA8C05B252BA0D6559E6458B9A7FC2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: E72464F7F139F6AF394EDD275B3F0710
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
Frame ID: C8C464834134E82F47C7E3A81D74AB6B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e592b53575c6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff26920bf5b1a974%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: 30FD5ACBF6B844577A0AF033746A11E8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8B2C4D271AD5BA37C163344E8200DA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BEE2A8D8110B9BE43EDD543D2D75753
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14151930151ff%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff26920bf5b1a974%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: FB5B9553EE03F0CA6B41BBC56AA879AB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bella Skin Produktcheck - Bewertung - Produkt im Test » Krank.de

Page URL History Show full URLs

https://absensi.bella-skin.de/ HTTP 307
https://krank.de/produktcheck/bella-skin/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

206
Requests

90 %
HTTPS

59 %
IPv6

38
Domains

55
Subdomains

35
IPs

7
Countries

3005 kB
Transfer

8563 kB
Size

30
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bella-skin.de/
Title: Bella-Skin.de

Search URL Search Domain Scan URL

URL: https://bit.ly/bella-skin
Title: Bella Skin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://krank.de/produktcheck/bella-skin/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Check%20out%20this%20article:%20Bella%20Skin%20-%20https://krank.de/produktcheck/bella-skin/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&media=https%3A%2F%2Fkrank.de%2Fwp-content%2Fuploads%2F2020%2F06%2FBella-Skin-2.jpg&description=Bella+Skin
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/krank.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Krank_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/krank.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://absensi.bella-skin.de/ HTTP 307
https://krank.de/produktcheck/bella-skin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei HTTP 301
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMuXgArHJ_cJycn-7h0G5cU&google_cver=1&google_push=Aa02lx8EQFhkFEcaI-_vpKbCWFJ5oguhR9XUI0qBjisJEOVT6Izz3xx5FL9jRLmgD801A0YykrVdavZQA1nUspahxr8h4fyv52HtIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8EQFhkFEcaI-_vpKbCWFJ5oguhR9XUI0qBjisJEOVT6Izz3xx5FL9jRLmgD801A0YykrVdavZQA1nUspahxr8h4fyv52HtIw&google_hm=eS10d1FGQ25sRTJwRktOV1hIUk5MWmFXQWZyb21MVW5sNn5B

Request Chain 125

https://d5p.de17a.com/cookies/google?google_gid=CAESENTMraScn-5Qjf73wN6lXFI&google_cver=1&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5S1Xw4G3Dg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENTMraScn-5Qjf73wN6lXFI&google_cver=1&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5S1Xw4G3Dg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5S1Xw4G3Dg

Request Chain 126

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmAaVJD9PE12pWLywwB6Ng&google_cver=1&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp3CE4VEA9Zrxus6EQVza7JWjqRR18 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJmAaVJD9PE12pWLywwB6Ng&google_cver=1&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp3CE4VEA9Zrxus6EQVza7JWjqRR18 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU0MjU3MTM4ODYzODc5ODgyMw&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp3CE4VEA9Zrxus6EQVza7JWjqRR18

Request Chain 127

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPeExzbIqw5e4ZlpSpiz88k&google_cver=1&google_push=Aa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677181498437 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b75e675b-f809-4389-b840-4c07b0787d4b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow%26google_hm%3DA7deZ1v4CUOJuEBMB7B4fUs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow&google_hm=A7deZ1v4CUOJuEBMB7B4fUs

Request Chain 128

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKY3yKgsjUAsiof0HsGsHHg&google_cver=1&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR17p9GzAEhuWhel_ebrcnYj28D_SP3VeyViVBEMzkKc_2OA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR17p9GzAEhuWhel_ebrcnYj28D_SP3VeyViVBEMzkKc_2OA&google_gid=CAESEKY3yKgsjUAsiof0HsGsHHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5MjUwMjM3MjExMDQ5MTczNzAzNg%3D%3D&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR17p9GzAEhuWhel_ebrcnYj28D_SP3VeyViVBEMzkKc_2OA

Request Chain 129

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7sDzo2PABnz99DEZwMaqM&google_cver=1&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3e0dpcnvPi20zF07MOAGetRnZkzVMzIvx3uuWXPHZtuQTZxG HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7sDzo2PABnz99DEZwMaqM&google_cver=1&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3e0dpcnvPi20zF07MOAGetRnZkzVMzIvx3uuWXPHZtuQTZxG&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3e0dpcnvPi20zF07MOAGetRnZkzVMzIvx3uuWXPHZtuQTZxG

Request Chain 158

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGVS-wsEsOUI5tZbgIwsUQU&google_cver=1&google_push=Aa02lx_9TnMVDSh-mpKBJNO5o0FGD_TqnTc6heVqIJpdmKnO91vAqgxS8DGjyHpwqUCDidtyoy-gW2sQXzlvHmRaULhMQnwbL9HTWFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkzNjgzNjcwMjExNzY3NTIwOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1

Request Chain 160

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG1EKHOavQzWcewJMCClCvs&google_cver=1&google_push=Aa02lx_-H9AKBFjta_Z8KtrcjHDpLOh_iFU5uatjKCLLs06YzBZrv1NwZNYrS3nraPN_I3musUkQKGFKt4ynoTud7VXAn9fabjhyvXk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_-H9AKBFjta_Z8KtrcjHDpLOh_iFU5uatjKCLLs06YzBZrv1NwZNYrS3nraPN_I3musUkQKGFKt4ynoTud7VXAn9fabjhyvXk&google_hm=CmFXTgXkTiGE5FIILVMmAAk

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGG6pN7iu182A7f_3FGiq64&google_cver=1&google_push=Aa02lx-BLUO8_Hd0Mw8vSySJmLbX9GC2iqtNr8byotFpwCGAGTSV7Cu2aIrZ26UfykI0YokHZX3vBNfcaM0mZJxFFzxFLHDGLsqKyZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVISUs3MkQtMVotVjAz&google_push=Aa02lx-BLUO8_Hd0Mw8vSySJmLbX9GC2iqtNr8byotFpwCGAGTSV7Cu2aIrZ26UfykI0YokHZX3vBNfcaM0mZJxFFzxFLHDGLsqKyZQ

Request Chain 162

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPHumUvSRHlxzb6zO7FK6pc&google_cver=1&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZwSIpOBpI3jOEoI HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPHumUvSRHlxzb6zO7FK6pc&google_cver=1&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZwSIpOBpI3jOEoI&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZwSIpOBpI3jOEoI&google_hm=GNNAtGZHAXxklttnSHylSDTh

Request Chain 163

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA7Zfc_YBWQqDtjdvq0dyPE&google_cver=1&google_push=Aa02lx9-8hcNggqGNngf1ucguQHyYh6Fac4i9BJZhMJPTZNqSnD4L_XXjraJSxFlVaF_fIFHOaVLVGJF6Tna0jtVKwD_vcuI6_SvlvJe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx9-8hcNggqGNngf1ucguQHyYh6Fac4i9BJZhMJPTZNqSnD4L_XXjraJSxFlVaF_fIFHOaVLVGJF6Tna0jtVKwD_vcuI6_SvlvJe

Request Chain 164

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDZ36JhiF8_nUWSurR7JPrE&google_cver=1&google_push=Aa02lx-tpg1hW374US8j2xwHlz3w3b7h4MVJt-JwR3gkdO90fE-c-5LMFmi8-3TJCARn2WNed3ghSxOcfBG0LUXGusbwmFvffU9tqC0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDZ36JhiF8_nUWSurR7JPrE%26google_cver%3D1%26google_push%3DAa02lx-tpg1hW374US8j2xwHlz3w3b7h4MVJt-JwR3gkdO90fE-c-5LMFmi8-3TJCARn2WNed3ghSxOcfBG0LUXGusbwmFvffU9tqC0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg4NDY2MjQyMzQzNzI0NjA1MQ%3D%3D&google_gid=CAESEDZ36JhiF8_nUWSurR7JPrE&google_cver=1&google_push=Aa02lx-tpg1hW374US8j2xwHlz3w3b7h4MVJt-JwR3gkdO90fE-c-5LMFmi8-3TJCARn2WNed3ghSxOcfBG0LUXGusbwmFvffU9tqC0

Request Chain 170

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1&google_push=Aa02lx-c9A9D_1nW-CcpW2IqYc50xhbQlkIHxFexmgWUHII7s5ysWmBgkraL46apPMgHdBuxHGP3KQSUbL5d0gw9_Rz9Js-wHVxC3B0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg2NDc3OTEwODA3OTc0NzI3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1

Request Chain 171

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYYGkl6xEpG67MJFVfZc2k&google_cver=1&google_push=Aa02lx9pQehIWSWGd1exXNyEWn5ldxbUeLzeLzDod4ylAP_5pGtDTqkp_FpADAhxpJjh4J1YyW-w8c6xzvSzIN3rTdvPUsmg0M9pclE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx9pQehIWSWGd1exXNyEWn5ldxbUeLzeLzDod4ylAP_5pGtDTqkp_FpADAhxpJjh4J1YyW-w8c6xzvSzIN3rTdvPUsmg0M9pclE&google_hm=hmP3wjrJpwX7HxMR9w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63F7C23AC9A705FB1F1311F7BLIS

Request Chain 172

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO7C6qh2UKAVQjMGkryCzho&google_cver=1&google_push=Aa02lx_hC1GjExzSUv_jRxbWRuJKkpvSWVPVEgohjezj4WV50ZDTxjyPDr62mqo6d13n5-gTQtubpPEOsqpoI73ikBd0PmmUIRqqAfE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzQzOTY4NzY2NTY0NTcxOQ%3D%3D&google_push=Aa02lx_hC1GjExzSUv_jRxbWRuJKkpvSWVPVEgohjezj4WV50ZDTxjyPDr62mqo6d13n5-gTQtubpPEOsqpoI73ikBd0PmmUIRqqAfE

Request Chain 174

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPfBB3F7QRWz4gmjq8TkN-M&google_cver=1&google_push=Aa02lx8R7-efcILvBZuEqXxq8RhdiyqjqBgL-kaksVAELTYvs6uuvIejJAfhnJuTbB-2F1ZqnOU2v7ZN0p8cGhVnukzp658BbvRvbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8R7-efcILvBZuEqXxq8RhdiyqjqBgL-kaksVAELTYvs6uuvIejJAfhnJuTbB-2F1ZqnOU2v7ZN0p8cGhVnukzp658BbvRvbA

Request Chain 175

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAuDnwIGfFJDNnxoToH84Yo&google_cver=1&google_push=Aa02lx-n78FcfZPOc3QBh8Twy3wvgVan5T2SinV_iEr9r1YmrrBaRMpjNHJzo38ni94ogyyrFvn80p31fMY77obzcXxRX03-hgYHA0Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-n78FcfZPOc3QBh8Twy3wvgVan5T2SinV_iEr9r1YmrrBaRMpjNHJzo38ni94ogyyrFvn80p31fMY77obzcXxRX03-hgYHA0Y

Request Chain 176

https://match.360yield.com/match/ebda?google_gid=CAESEAeMR0AgQW4GdqPfUmCd8rI&google_cver=1&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wtZS_8BZWfbtYAzAg HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAeMR0AgQW4GdqPfUmCd8rI&google_cver=1&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wtZS_8BZWfbtYAzAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=X958rfYHTHWsAVhqzPKXKA&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wtZS_8BZWfbtYAzAg

206 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
krank.de/produktcheck/bella-skin/
Redirect Chain

https://absensi.bella-skin.de/
https://krank.de/produktcheck/bella-skin/

91 KB
25 KB

159ms
32ms

Document
text/html

35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

444d490e7cedac709539c00eb3ebe4fae8266b4f5120c7468d6b78415243e95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Feb 2023 19:44:54 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding

Redirect headers

content-length: 77
content-type: text/html; charset=utf-8
date: Thu, 23 Feb 2023 19:44:54 GMT
location: https://krank.de/produktcheck/bella-skin/

GET
H2 200 autoptimize_404871244ea11cd1c28cf822381c0560.css
krank.de/wp-content/cache/autoptimize/css/ 2 MB
300 KB 17ms
16ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

b4170fbefa369102b379ca6a41b01bf303452549627b398926b26b58c89bae11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:54 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 15:18:59 GMT
server: nginx
etag: W/"63cab0e3-1940f8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ebs_dynamic_css.php
krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ 0
275 B 32ms
32ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:54 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 85ms
22ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 18863
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 79e275781ff73612-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 143ms
51ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9213fa7b9104271f11244b01baa6d90edfd0594ebb53ef73e7b92230c200d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Feb 2023 19:44:55 GMT

GET
H2 200 krank-logo.gif
krank.de/wp-content/uploads/2017/09/ 5 KB
5 KB 21ms
20ms Image
image/gif 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/09/krank-logo.gif

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Tue, 19 Sep 2017 14:28:58 GMT
server: nginx
etag: "59c129aa-1523"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5411
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penci-holder.png
krank.de/wp-content/themes/soledad-theme/soledad/images/ 125 B
333 B 22ms
21ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/images/penci-holder.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-7d"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 125
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 176ms
108ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c446fba1ca9de796111160202174081ab3d82e65771acf8200a7c96ab1719a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49617
x-xss-protection: 0
server: cafe
etag: 6375832698739889134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 19:44:55 GMT

GET
H2 200 copyscape-seal-blue-120x100.png
krank.de/wp-content/uploads/2017/02/ 4 KB
4 KB 22ms
21ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/02/copyscape-seal-blue-120x100.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Sun, 26 Feb 2017 20:32:54 GMT
server: nginx
etag: "58b33b76-101a"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4122
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js Show response
krank.de/wp-content/cache/autoptimize/js/ 370 KB
121 KB 23ms
23ms Script
application/javascript 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/js/autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 15:24:24 GMT
server: nginx
etag: W/"63cab228-5c795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 75 KB
76 KB 15ms
15ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-12d68"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 77160
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 momizat.ttf
krank.de/wp-content/plugins/krank/fonts/icons/momizat/ 102 KB
102 KB 15ms
15ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/icons/momizat/momizat.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:31 GMT
server: nginx
etag: "59dde70f-19748"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104264
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penciicon.ttf
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 33 KB
33 KB 17ms
17ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/penciicon.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-8370"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 33648
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
21ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 19:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 23 Feb 2023 21:12:19 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/ 18 KB
18 KB 15ms
14ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_404871244ea11cd1c28cf822381c0560.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:40 GMT
server: nginx
etag: "59dde718-466c"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18028
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Bella-Skin-5-300x300.jpg
krank.de/wp-content/uploads/2020/06/ 41 KB
41 KB 15ms
15ms Image
image/jpeg 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2020/06/Bella-Skin-5-300x300.jpg

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

157203cbd07f5e85964e9432fc9a9d747e9ddf82dbbace58e00292fdebb49d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Thu, 04 Jun 2020 02:18:28 GMT
server: nginx
etag: "5ed859f4-a2af"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41647
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

10 KB
5 KB

158ms
68ms

Script
text/javascript

2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3341d0192709ffd397c35a6270b85eae8de1a3d7ba8b28b56a67fe39369f824d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3518
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Thu, 23 Feb 2023 19:44:55 GMT

Redirect headers

date: Thu, 23 Feb 2023 19:20:06 GMT
x-content-type-options: nosniff
server: sffe
age: 1489
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Thu, 23 Feb 2023 19:50:06 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame E935 677 B
541 B 25ms
24ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1952947
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 79e2757909793612-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 23 Feb 2023 19:44:55 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 36ms
24ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1711307
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 79e275791931bc03-FRA

GET
H2 200 Bella-Skin-4-300x300.jpg
krank.de/wp-content/uploads/2020/06/ 48 KB
48 KB 15ms
15ms Image
image/jpeg 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2020/06/Bella-Skin-4-300x300.jpg

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

fe27f3957b829c084373f77e8282630f6a717401a43ca4d41fb2bae90b0c9983

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=63072000
last-modified: Thu, 04 Jun 2020 02:18:29 GMT
server: nginx
etag: "5ed859f5-bec8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48840
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 41ms
40ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1513102891&t=pageview&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&ul=en-us&de=UTF-8&dt=Bella%20Skin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=36001163&gjid=1230320930&cid=1551276956.1677181495&tid=UA-75122288-1&_gid=329187595.1677181495&_r=1&_slc=1&z=479506867

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QVNJPTS5GE&gtm=45je32m0&_p=1513102891&cid=1551276956.1677181495&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677181495&sct=1&seg=0&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&dt=Bella%20Skin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 91ms
90ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7176323234405639&plah=krank.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d16bd548c8a5df0bebd173ba1d66e58df94a135b4505ab417a1cf733c2991dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122955
x-xss-protection: 0
server: cafe
etag: 14203095422686568451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 19:44:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 3083 10 KB
5 KB 82ms
20ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 22:03:21 GMT
etag: 10353107486223812946
expires: Wed, 08 Mar 2023 22:03:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 49ms
17ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-75122288-1&cid=1551276956.1677181495&jid=36001163&gjid=1230320930&_gid=329187595.1677181495&_u=IEBAAEAAAAAAACAAI~&z=1195253784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Feb 2023 19:44:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 318 B
503 B 19ms
19ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8076695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"13e-5edb43f5ee978"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 79e2757a0ae7bc03-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
677 B 42ms
41ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8076695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"2b7-5edb43f86f378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 79e2757a0ae8bc03-FRA

GET
H3 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 803 B
728 B 16ms
15ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee4cfa769b7416160f34ecbc48ddc2086388350baab9d29d30ea3f165b6fbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8076694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
server: cloudflare
etag: W/"323-5edb43f7a8f98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 79e2757a0ae9bc03-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
914 B 17ms
16ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8076695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"471-5edb43f896478"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 79e2757a0aebbc03-FRA

GET
H3 200 facebook_messenger.js Show response
static.addtoany.com/menu/svg/icons/ 378 B
545 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook_messenger.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8076695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"17a-5edb43f5eca38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 79e2757a0aecbc03-FRA

GET
H3 200 wordpress.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
961 B 20ms
19ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/wordpress.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c901f6fdf97c666548546f46fe4db9455c08cc8e724207645e0841893a5a07bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8076695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"51a-5edb43f8abc38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 79e2757a0aeebc03-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 393 B
547 B 19ms
18ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8076695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"189-5edb43f5e5cd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 79e2757a0aefbc03-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 42ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a83e1a6466a90a75cc9b0480eb23cbc81631a4e4886bd12bdcf876a46747b817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 19:44:55 GMT
content-md5: B/r7bCChwPdvPg7bqyUcow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 9BDOM4H8Bza+40dLlw1i1XjQHKYLSUwOe3suJIgEQlFfYz792Z9t1tUql9XjHufaVWWNRpUqPFzZYyDjS+a0HA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 1f925cbe0e56f07f7b9f556f7542dc18
cross-origin-opener-policy: same-origin-allow-popups
etag: "5a1a78a49f86c0b08698f0f3d8932612"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 23 Feb 2023 19:50:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 102ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B86) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 19:44:55 GMT
Content-Encoding: gzip
Age: 109
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (amb/6B86)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
86 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b532cc55c602698fdb3d57a243c137c9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92dc7c53b8bea985bd33177fc892a5e10ca43627f61df06efe0d6165818f62c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 19:44:55 GMT
content-md5: rS11L8ugWpCU1iFwL8CT6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88460
x-fb-rlafr: 0
x-fb-debug: WypaL4AWb7u1eSJlQIjKfdDPFhKTn14wdDyhlqOvW9W9nRtFU+VYEHek318IEkO6EMV41+vg3EtN2C5VvicM8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 29dcd640165c1a333f51b35496c33a2f
cross-origin-opener-policy: same-origin-allow-popups
etag: "4772be127c1d31e1d14d5fd9fdb5bbf4"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 23 Feb 2024 17:18:10 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/c23214b953e32f29/ 305 KB
102 KB 27ms
26ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__de.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3072864adfe9480b0c5cc40fbe938b5245b371f151590e1bae406d0186ebcee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104169
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 22 Feb 2024 16:20:11 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/c23214b953e32f29/ 41 KB
9 KB 23ms
22ms Stylesheet
text/css 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/default+de.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 01:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 22 Feb 2024 01:44:03 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
5 KB 21ms
20ms Stylesheet
text/css 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:07:26 GMT
x-content-type-options: nosniff
age: 2249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 23 Feb 2023 19:57:26 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 5B25 320 KB
104 KB 33ms
33ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fkrank.de
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC0) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2584898
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Feb 2023 19:44:55 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
602 B 117ms
41ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=krank.de&callback=_gfp_s_&client=ca-pub-7176323234405639

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7176323234405639&plah=krank.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b948ab983e040af7125bcd52c801d56c2eae8c2709bd12e83776192343d4450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 130ms
42ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=krank.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 141ms
42ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=krank.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CA7 541 KB
97 KB 1465ms
1464ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1677181495&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181495342&bpp=2&bdt=423&idt=208&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3966111149926&frm=20&pv=2&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=255

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d3792218418d47c24e01a891a40e8db43476d3aa7aecd22660f7f375742d8a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 99165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:44:57 GMT
expires: Thu, 23 Feb 2023 19:44:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5B25 919 B
649 B 241ms
139ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9cff3ec0fd55717586d9855e5a5289b1de82798e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fkrank.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 113
date: Thu, 23 Feb 2023 19:44:55 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 23 Feb 2023 19:44:55 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 68b4775c6d582d0e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 77c57aa284207aa8284042c6125c62ab9c159abbae2f38f9f36026e69437125b
content-length: 326

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 12ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B86) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 19:44:55 GMT
Content-Encoding: gzip
Age: 2584897
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (amb/6B86)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 3D4C 37 KB
14 KB 13ms
12ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B86) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2584896
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Feb 2023 19:44:55 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B86)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 135ms
135ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Krank_de%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1677181495899%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=9cff3ec0fd55717586d9855e5a5289b1de82798e

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 106
date: Thu, 23 Feb 2023 19:44:55 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 23 Feb 2023 19:44:55 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 0609735da38b2fbe
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 77c57aa284207aa8284042c6125c62ab9c159abbae2f38f9f36026e69437125b
content-length: 43

GET
DATA 200
OK truncated
/ Frame 3D4C 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 93ms
93ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa59851be1a2b2ad33b18eea574c65fffd440d3a269e7ca1856f6d0684544751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52070
x-xss-protection: 0
server: cafe
etag: 10395174993839931766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 43ms
41ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=krank.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 44ms
43ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=krank.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 04E7 111 KB
36 KB 1034ms
1033ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd67bf615bffbda0e943aab06139a1ca766cf13c8f29dd8ebb355b7ba1934ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37058
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:44:58 GMT
expires: Thu, 23 Feb 2023 19:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43DB 89 KB
33 KB 1491ms
1491ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6d6ef13a4ad46bf5fb1335e7c93611b6aeecc44208e9cf744c524abab55fc0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33500
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:44:58 GMT
expires: Thu, 23 Feb 2023 19:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3CC1 28 KB
12 KB 865ms
865ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.11~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=7&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wT5iLDr0ii&p=https%3A//krank.de&dtd=156

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05738513983da123b7c122bc7bd853875b13e30c16d33d37953b592691ab7e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12629
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:44:58 GMT
expires: Thu, 23 Feb 2023 19:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
60ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=krank.de

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 58ms
58ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=krank.de

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 4E19 10 KB
4 KB 45ms
44ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 04:41:39 GMT
etag: 10353107486223812946
expires: Thu, 09 Mar 2023 04:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 88FA 10 KB
4 KB 44ms
44ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 04:41:39 GMT
etag: 10353107486223812946
expires: Thu, 09 Mar 2023 04:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 4060 10 KB
4 KB 44ms
44ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 04:41:39 GMT
etag: 10353107486223812946
expires: Thu, 09 Mar 2023 04:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame EE1B 10 KB
4 KB 45ms
45ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 04:41:39 GMT
etag: 10353107486223812946
expires: Thu, 09 Mar 2023 04:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4E19 4 KB
1 KB 107ms
42ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 19:15:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E19 205 B
649 B 86ms
21ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:26:49 GMT
x-content-type-options: nosniff
age: 1088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Feb 2024 19:26:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E19 604 B
694 B 86ms
22ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:26:22 GMT
x-content-type-options: nosniff
age: 1115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Feb 2024 19:26:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/ Frame 4E19 19 KB
8 KB 97ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 00:40:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 88FA 6 KB
746 B 106ms
44ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 19:07:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 88FA 2 KB
799 B 132ms
64ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:55:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 88FA 22 KB
9 KB 118ms
51ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 88FA 3 KB
1 KB 129ms
63ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 88FA 20 KB
8 KB 90ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88FA 158 KB
49 KB 145ms
83ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 88FA 33 KB
14 KB 98ms
42ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4060 6 KB
746 B 94ms
44ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 19:14:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 4060 2 KB
799 B 120ms
63ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:55:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 4060 22 KB
9 KB 111ms
55ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 4060 3 KB
1 KB 116ms
62ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 4060 20 KB
8 KB 82ms
27ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4060 158 KB
48 KB 205ms
155ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 4060 33 KB
14 KB 70ms
26ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EE1B 8 KB
969 B 83ms
43ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 19:13:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame EE1B 2 KB
846 B 108ms
60ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:55:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE1B 0
0 66ms
66ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK4eFN8L3Y4qfJ5aE-cAPvo-o4AvZtN6Ab72JxsXAEPuBw6aiMhABIOL99AVgleKQgqAHoAHlh6LiA8gBCakCDqtjOsnLsT6oAwHIA8sEqgTRAU_QcVGt901-NWoTkkluuefp20FHGaxrS3uknvEowZzSgi9z7Jq92ERGBQ2LxTYn7a7cV0OA_Yhq--UPsKQHQ-HAeUP2M-hti50ydksI4DuSDtGwnABSSvN_31eeqMTMEZtNB5gP_QNAnnE_C9Z-4l8ZVj6c511XmooHno5QoEkBU9izFgKc7nAEV1enTj2vhnXDw6syC9J_0d7urWoz3lY4tvOO1ixbQRJkST8W-pC4wcLGcil_8Pq96ofZdcEGtzSPEpEBPEw-_oOPTVd1MwGqwATGuqanjQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgfd1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQx_cK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzE3NjMyMzIzNDQwNTYzORgA&sigh=NzmSLHB8Njo&uach_m=[UACH]&cid=CAQSGwDUE5ymh0Oou820qNg97lwMK2tZ760w85NOuxgB&template_id=5000

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Feb 2023 19:44:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame EE1B 22 KB
9 KB 104ms
58ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame EE1B 3 KB
1 KB 106ms
61ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame EE1B 20 KB
8 KB 85ms
41ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE1B 158 KB
48 KB 184ms
143ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame EE1B 33 KB
14 KB 56ms
22ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5752977833939574441/ Frame EE1B 17 KB
18 KB 86ms
44ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5752977833939574441/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89a5191232cf6633c0aaa8a85e2aa55a34fe15f5dc9a1a89ed7c0c117521c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 12:22:55 GMT
x-content-type-options: nosniff
age: 544922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17902
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 08:49:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 12:22:55 GMT

GET
DATA 200
OK truncated
/ Frame EE1B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70153df69d938fbfd9831d10b022c660a340a79b1dcb4f70a6371cc3c5367af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EE1B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 1BC6 8 KB
969 B 43ms
42ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 19:06:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 1BC6 2 KB
799 B 20ms
19ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:55:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 1BC6 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 1BC6 3 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 1BC6 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BC6 158 KB
48 KB 108ms
106ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:57 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 1BC6 33 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6207 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE1B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 981224da5709221a53ce1d7c67872d2779fb00ecc750d91c6b3dc46d024bb406

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/13624058317486833260/ Frame 88FA 23 KB
23 KB 22ms
22ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13624058317486833260/2076313506083323656

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31646283b728e5faaa5361429ba05884ee7065cc958f1e25783c85b26e252b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:51:10 GMT
x-content-type-options: nosniff
age: 3227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23375
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 06:56:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 18:51:10 GMT

GET
H3 200 15586393867191895012
tpc.googlesyndication.com/simgad/ Frame 88FA 976 B
1003 B 21ms
21ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15586393867191895012?w=100&h=100

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28da93235862f265d45a9240d6f5c03641413548c659b466d32ffa46a746e37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:09:53 GMT
x-content-type-options: nosniff
age: 556504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 976
x-xss-protection: 0
last-modified: Wed, 18 Dec 2019 09:10:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 09:09:53 GMT

GET
DATA 200
OK truncated
/ Frame 88FA 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 88FA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aa96db279ee5f23b1755fcc9bac1efd044a73be874aca089c43ab694f0e4ece

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FE2 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H/1.1 200
OK ai.aspx
at.bahn.de/ Frame 88FA 43 B
1 KB 195ms
16ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=19310519256&cb=1528829624

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 23 Feb 2023 19:44:58 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 23 Feb 2023 07:44:58 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 88FA 0
18 B 65ms
65ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMvrkN8L3Y4ifJ5aE-cAPvo-o4AuZsvD2bqi7qaSTEc2npbuSDhABIOL99AVgleKQgqAHoAHvhMrLAsgBCakCDqtjOsnLsT6oAwHIA8sEqgTTAU_Q2IjhwegZo3kFlnZdJZhiaQ84m6iUs8bs35LAicATlPFY-5v7h61umLgHT0CsL2LAc9XQw7RuahWT2Y5zHyu98O6mgCA1aQJ6pbTCaKO2TxxRWr3P6VibR_d-_OjR970K8pfMIb-UGc3k4_J9WvejzZNzDwMhaV_HX1WQiWr9c8jmJ5dJGpYgyvYm8gAN73JhmYqj6oViFzxP0ll7vit3XgAFxX52wpGFjTmUDCm_xyQ_yJve8yGup0yJrZrpoxPjvVcaN844oPUCWS-Y5cv1QcjABPHZ8sCYBJIFBAgEGAGSBQQIBRgEoAYugAf5-rW0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENnKCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi03MTc2MzIzMjM0NDA1NjM5GAA&sigh=MtjiGfv9TwI&uach_m=[UACH]&cid=CAQSGwDUE5ymh0Oou820qNg97lwMK2tZ760w85NOuxgB&template_id=484&vis=1

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Feb 2023 19:44:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6207
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

77ms
76ms

Document
text/html

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:44:57 GMT
expires: Thu, 23 Feb 2023 19:44:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:44:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/13624058317486833260/ Frame 4060 23 KB
23 KB 22ms
22ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13624058317486833260/2076313506083323656

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31646283b728e5faaa5361429ba05884ee7065cc958f1e25783c85b26e252b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:51:10 GMT
x-content-type-options: nosniff
age: 3227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23375
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 06:56:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 18:51:10 GMT

GET
H3 200 15586393867191895012
tpc.googlesyndication.com/simgad/ Frame 4060 976 B
1003 B 31ms
30ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15586393867191895012?w=100&h=100

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28da93235862f265d45a9240d6f5c03641413548c659b466d32ffa46a746e37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:09:53 GMT
x-content-type-options: nosniff
age: 556504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 976
x-xss-protection: 0
last-modified: Wed, 18 Dec 2019 09:10:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 09:09:53 GMT

GET
DATA 200
OK truncated
/ Frame 4060 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4060 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f8b8985823e02530512f962b587e010c9dff8dae877e1884baff33e9ecfb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CA8 36 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame AC3C 36 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H/1.1 200
OK ai.aspx
at.bahn.de/ Frame 4060 43 B
1 KB 129ms
17ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=19310519256&cb=386969718

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 23 Feb 2023 19:44:57 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 23 Feb 2023 07:44:58 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4060 0
18 B 78ms
78ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfj2MN8L3Y4mfJ5aE-cAPvo-o4AuZsvD2bqi7qaSTEc2npbuSDhABIOL99AVgleKQgqAHoAHvhMrLAsgBCakCDqtjOsnLsT6oAwHIA8sEqgTTAU_Q92D55CPPWYJ2MIDzgw_p-GgJd0f5OB-M8SXnWoBMJuKXfgS9DA_W23E2O89IGb9TSKMYUEd48tFBrSqH2NEp3LP-ZGs_lTpN_pci7zxGqFeqVdwpSl6JzKdE7sgM458XFSd3tZrMCmhVDiUDuak0rsK-Va_xbvD8JEUrCiGWr7LGWX0DStqQ7WAASiLUinONwDpvwOsZXIQ44-L6hdycnN2UbkD_iq0-ho5SUXmjpMDINBXitxBv7YA0dgOcp1Q9rhF7J_ITp5QNw5fuy4bNT3_ABPHZ8sCYBJIFBAgEGAGSBQQIBRgEoAYugAf5-rW0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEImSA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi03MTc2MzIzMjM0NDA1NjM5GAA&sigh=851nQsHu8H0&uach_m=[UACH]&cid=CAQSGwDUE5ymh0Oou820qNg97lwMK2tZ760w85NOuxgB&template_id=484&vis=1

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Feb 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame E03E 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 3CC1 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.11~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=7&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wT5iLDr0ii&p=https%3A//krank.de&dtd=156

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 3CC1 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3CC1 0
0 43ms
42ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlISOZDFA1QciEUbRJLoVwSA62txuNaRZ0schpcpSOuf2-0OLiWBiPUkwZ-l6LbnZ_EoMHDQfICa0xHFvge-b-moCISQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.11~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=7&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wT5iLDr0ii&p=https%3A//krank.de&dtd=156
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CC1 158 KB
48 KB 80ms
79ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3CC1 0
0 63ms
63ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb-epOcL3Y-zcHobaZqzzvPAMyZ7SsVz1kd6-sQHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzE3NjMyMzIzNDQwNTYzOcgBCakCDqtjOsnLsT6oAwGqBM0BT9Di4pvUruL4fZ2A1N_aiQy1oe4Q5HxAYNNBkXhyi5VsfJIJN57hWzN2UFj2f1VLZcOlHbXip9VxqGBH8jcjZUc3aHkn8m8ujrpWSPqTUqClgM4NBiUvOP0cGNOpMYtC4BCkU6CLvRGBtjV5ftVx2e8PoA0H4g2PYuO0F-opABE_B7W_YHOMOdGnGTbDsOgEEo2W9QwDOwmKGzt9ZWrlQryclfEHYgiE6bZwxgww3ItxvM-bKkucYqfbx3qwQavEKPNp6fq5ETzIlbDbUYAGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzE3NjMyMzIzNDQwNTYzORgA&sigh=Zvum9WEl2FM&uach_m=[UACH]&cid=CAQSPADUE5ym79ERt1uDVpY9gx6vrD1qFj2GKahI-gyvqrS_ckNkiIy0d7ggsFzOGd5ulbmmlauIfbTRHdPCwhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.11~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=7&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wT5iLDr0ii&p=https%3A//krank.de&dtd=156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Feb 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3CC1 0
0 56ms
13ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kZiKE8z6RPQImAKdg2ICAgAAAPScWjJ9ld1duNpWtxA5wvdj_N1M0ARh0cjT6AAAEgAACg5BUVVCQVFZQkFRRUJBUQ&wp=Y_fCOQAHrmwKGa0GAA85rCDReB3imEu-ZaC9PQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 173104
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D606 207 KB
56 KB 729ms
98ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_fCOQAHrmwKGa0GAA85rCDReB3imEu-ZaC9PQ&u=%7C85dmtuBpoHSmtxH%2FamWMEwmRma7QsBZCE%2B6xZD9FT8c%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkOg_Kg37ZGQdbt5vRA2sT_ct2CutcC4WC6WVR2U1OXhK6VjfaqojvnImcrbivc7hQG-qdP74FDEjMACkAHW34YGfu2DCq06Tx8PxIzkbZRxNPb20awVCLoa2pPaJEwIs-CmCaEb1H9T74jhzuJjsVrWX0g1EUy4QsbsLZ6AzFUEH8X5zJ6O3pR9z9n_W3hkZfmAcLKU-ltTAvheay62bToITEBn0juqMlmmqqO-vxV7mgXvvKw47RefCTilKeLq1uBCp2WoKKzB1YJjHZj4RltKjXvLlvwNhZXeBTT1htmxoiFmkmI-vvW3-T4kqX_7Cagd1RU8HuSnWuVnBPJVauqR1jkXiBfPjenYhokcEBdBSWwEt9R3PXE72x-v6Z4aZ-YHrF7yL2HL0DomJdSvb4TKu1h7DP5zzB9EZqrRFJN7vuTMEp3sLcxNl449xztHzL3CVaqploHZfFzzOwoDHbIb5OpPxkAwzq2sCQ9MGq-Bp3BDDIqdTJRnrDiHspHp9-MSBKSLtcq2trTTN1cXBzANri46Z0AH4noef6tzXrQliEMA3-numesYxxO_rwXS80w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiPIhOcL3Y-zcHobaZqzzvPAMyZ7SsVz1kd6-sQHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzE3NjMyMzIzNDQwNTYzOcgBCakCDqtjOsnLsT6oAwGqBNABT9Di4pvUruL4fZ2A1N_aiQy1oe4Q5HxAYNNBkXhyi5VsfJIJN57hWzN2UFj2f1VLZcOlHbXip9VxqGBH8jcjZUc3aHkn8m8ujrpWSPqTUqClgM4NBiUvOP0cGNOpMYtC4BCkU6CLvRGBtjV5ftVx2e8PoA0H4g2PYuO0F-opABE_B7W_YHOMOdGnGTbDsOgEEo2W9QwDOwmKGzt9ZWrlQryclfEHYgjG65fiQYOszzTtqGxLF-1ka7PRcXCeWSlw4M7PG0WnPSRNPzTI7mo4JIAGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Zv1PGBs9fdOFaVXnGJPzlsw3eYQ%26client%3Dca-pub-7176323234405639%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90db7ccfb146d8804bff7f36148b14e7b307859077b3e7b52f55777731e65fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:44:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8PJyLJs_tH8okk6WPPSxMUfIETuewkVH0uYE8es0RK84s8Fl6YzF0yPptun_DftfMFWnaoZZMc_cfNHz12lffgh05FnaWSqSIfqWfcpilkmv8Uk_0ALG42SMVAlkPh4fV8kuw9Q0CnFepWwXCKCkErCEGegue_pRt7VLgWHBo1wKXuAxODnpTo_WU82tyMj33dkAab1UTL4QjAlZd2eXY17yNJjdiQ_48eGxUp8_GYGyGBCwcr9DHfPAUFu3oUxQ8fzXnQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 66096672
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 48C8 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 10:57:40 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 10:57:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3CC1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df7d1512d1274b7b2dd2245e43b1f852af00815baba427bcd4177069de4e520c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 48C8 0
174 B 65ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKA9rJcKmEQ8DkygvNKLisA&google_cver=1&google_push=Aa02lx-x917NDAYD0NlL4BszL_j0XICTTPiVo3BIEVwWcT2U9UGDnzD2LSpuiwrYuyoc7V0xx_6N0HVmar0TwoK1z-gR3V_DpKGoyiM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.11~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=7&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wT5iLDr0ii&p=https%3A//krank.de&dtd=156
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 48C8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMuXgArHJ_cJycn-7h0G5cU&google_cver=1&google_push=Aa02lx8EQFhkFEcaI-_vpKbCWFJ5oguhR9XUI0qBjisJEOVT6Izz3xx5FL9jRLmgD801A0YykrVdavZQA1nUspahxr8h4fy...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8EQFhkFEcaI-_vpKbCWFJ5oguhR9XUI0qBjisJEOVT6Izz3xx5FL9jRLmgD801A0YykrVdavZQA1nUspahxr8h4fyv52HtIw&google_hm=eS10d1FGQ25sRTJwRktO...

170 B
188 B

21ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8EQFhkFEcaI-_vpKbCWFJ5oguhR9XUI0qBjisJEOVT6Izz3xx5FL9jRLmgD801A0YykrVdavZQA1nUspahxr8h4fyv52HtIw&google_hm=eS10d1FGQ25sRTJwRktOV1hIUk5MWmFXQWZyb21MVW5sNn5B

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Feb 2023 19:44:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8EQFhkFEcaI-_vpKbCWFJ5oguhR9XUI0qBjisJEOVT6Izz3xx5FL9jRLmgD801A0YykrVdavZQA1nUspahxr8h4fyv52HtIw&google_hm=eS10d1FGQ25sRTJwRktOV1hIUk5MWmFXQWZyb21MVW5sNn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 48C8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENTMraScn-5Qjf73wN6lXFI&google_cver=1&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5S1...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENTMraScn-5Qjf73wN6lXFI&google_cver=1&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5S1Xw4G3Dg

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5S1Xw4G3Dg

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-6eurGYz-TI4LU49pVz9cJi3D0gPFwozWe9v3l4uySiVCe5-4jL4RMfUMq1-4oSrwQzGdszB3XE6pQzBMfbUMW5S1Xw4G3Dg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 48C8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmAaVJD9PE12pWLywwB6Ng&google_cver=1&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp3CE4V...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJmAaVJD9PE12pWLywwB6Ng&google_cver=1&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU0MjU3MTM4ODYzODc5ODgyMw&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp3CE...

170 B
233 B

40ms
40ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU0MjU3MTM4ODYzODc5ODgyMw&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp3CE4VEA9Zrxus6EQVza7JWjqRR18

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU0MjU3MTM4ODYzODc5ODgyMw&google_push=Aa02lx8uvnPadf8hYTKUh47wKdKlbEYQ2mGrSIMjilsphMRiqX2RA17IWaENOr1EKcx2FWtCCFp3CE4VEA9Zrxus6EQVza7JWjqRR18
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 48C8
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-b75e675b-f809-4389-b840-4c07b0787d4b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_na_2hdcWY3v-PT0Z-A...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow&google_hm=A7deZ1v4CUOJuEBMB7B4fUs

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow&google_hm=A7deZ1v4CUOJuEBMB7B4fUs

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_na_2hdcWY3v-PT0Z-AHwgurQrjAdw4KCA5UFldFJc0F9WZdsSTysUZe1aRTZPzQFvrbAn8a2X3naxcXeDK1q2GPFI1ik1Ow&google_hm=A7deZ1v4CUOJuEBMB7B4fUs
date: Thu, 23 Feb 2023 19:44:58 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb75e675bf8094389b8404c07b0787d4b003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 48C8
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKY3yKgsjUAsiof0HsGsHHg&google_cver=1&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR17p9GzAEhuWhel_ebrcnYj28D_SP3VeyViVBEMzkKc...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR17p9GzAEhuWhel_ebrcnYj28D_SP3VeyViVBEMzkKc_...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5MjUwMjM3MjExMDQ5MTczNzAzNg%3D%3D&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR...

170 B
330 B

50ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5MjUwMjM3MjExMDQ5MTczNzAzNg%3D%3D&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR17p9GzAEhuWhel_ebrcnYj28D_SP3VeyViVBEMzkKc_2OA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjk5MjUwMjM3MjExMDQ5MTczNzAzNg%3D%3D&google_push=Aa02lx9opxkgyL28Azk4bkI_-sVtRElEWMw-y3zfWfhjlitH7Nrx32TR17p9GzAEhuWhel_ebrcnYj28D_SP3VeyViVBEMzkKc_2OA
date: Thu, 23 Feb 2023 19:44:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 48C8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7sDzo2PABnz99DEZwMaqM&google_cver=1&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3e0dpcnvPi20zF07MO...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP7sDzo2PABnz99DEZwMaqM&google_cver=1&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3e0dpcnvPi20zF07MO...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3...

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3e0dpcnvPi20zF07MOAGetRnZkzVMzIvx3uuWXPHZtuQTZxG

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx8QpFspr_e3k18uDDjj2jPOBEa7Sx9vTHThPEzpG_RmdaqrK6-c3e0dpcnvPi20zF07MOAGetRnZkzVMzIvx3uuWXPHZtuQTZxG
date: Thu, 23 Feb 2023 19:44:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 48C8 0
131 B 52ms
14ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jeb0_I5w6os487UR42U5Xgr-v3YC30k6N-At3Xt5k5sp2kq2utEzZb3gT6xEJGt007kpN9dw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 04E7 9 KB
9 KB 78ms
51ms Image
image/jpeg 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSnPl6mbQN-ZmnSZwriNzxrD4DaCnsDH7r1YcAvukLR_u9Usj-G&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37600955484561b0e9f21d1e5ac2e489506a99bb84d5cb4781785b00a2b135d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 14:04:43 GMT
x-content-type-options: nosniff
age: 538815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9005
x-xss-protection: 0
last-modified: Sat, 10 Sep 2022 17:13:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 17 Feb 2024 14:04:43 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 04E7 9 KB
10 KB 527ms
26ms Image
image/jpeg 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTWrtbJjZAAgAbBOE8mlwhk-YRa2kWz0w01xeu5G4d0vlm_E_c&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc81a2f2b8d0384992449ee8261f462956349c0d20f5b20bcb4183be40e1b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 12:55:00 GMT
x-content-type-options: nosniff
age: 542998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9321
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 04:34:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 17 Feb 2024 12:55:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 04E7 9 KB
9 KB 533ms
32ms Image
image/jpeg 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSo1xSOLp4yupGnstd7gY0q1Bf_bL00LZ19FpARi4nQJPnhzbnT&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c6f96805e182d290a0b7ff71f72d3c9898108d0c7b81324510a0d3f3a058b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 08:33:52 GMT
x-content-type-options: nosniff
age: 126666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9212
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 12:00:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Feb 2024 08:33:52 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 04E7 8 KB
9 KB 529ms
28ms Image
image/jpeg 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTWfQEWaxtBz2EvdVK2yXRvmLh2s2xEbDMpxd3A317tQMGklmM&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6540ccc15b5024b232b24c71adf5dd1cc4a56829f709ef5cd3a48d93b26031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 05:53:38 GMT
x-content-type-options: nosniff
age: 136280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8213
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 19:10:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Feb 2024 05:53:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 04E7 2 KB
765 B 39ms
39ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:55:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 04E7 0
0 83ms
82ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CClYSOcL3Y9nKGpSkZ8HIufAOifDWjW-emZirqRDIxYCZqDIQASDi_fQFYJXikIKgB6ABjMGMwwPIAQmpAg6rYzrJy7E-qAMByAPLBKoE1QFP0GietAGFcfBiukAHMU9EKg64QtDUWFOchYdCTQIYc_TIF84puQbnr-UFrMeaqYCznk9VD0pQvMWDjYfLdEtljLv59RWu2Ui9DMGrK3tidRE8ibTLDc4wGiLLhO-ABbB7_TgJip2V1CPFlhFt2I7GT0uLSnTUmGsc7-WbihGKz-7iOVPJgHSe8tocrpcSY3keMU8qBjgSHH7HYxvHamgqF6VgGmim9j1l-Gt6smXy6q8uYKW1iwBBUy12ELN89x1K5uDiI7F678MaVoCCnXg__D-WL0jABJyC5ouqBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeW7O4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJS-BdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTcxNzYzMjMyMzQ0MDU2MzkYAA&sigh=8y9NGVOa5tw&uach_m=[UACH]&cid=CAQSPADUE5ymx5JgfYX9cFaxuZ0Ql_VnweR6x78Qwdss98QvlKdDI7EXGqSagy6rU7gN4ymrSqeihONO72qShhgB&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Feb 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 04E7 22 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 04E7 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 04E7 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 04E7 0
0 65ms
64ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRV-J7Cc4zsJXRhtbHjFPJbe1N0Z8vIWykrFQf9UYfO-ZhIMrmt8xyntFtDHgRzItnywUfEVG9BRt1uxtyey4ZNRRv4w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04E7 158 KB
48 KB 76ms
76ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:58 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 04E7 33 KB
14 KB 45ms
44ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 04E7 89 KB
90 KB 68ms
54ms Image
image/jpeg 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQquQ0IikBQejK8mRvBIhLiFm7bWUE2wuLoE9WCfMMwaSQ3baA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adc911406234d328ce3d4d5168b49a28e1f3b2be8a030e94ed1471ab083a3e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:15:45 GMT
x-content-type-options: nosniff
age: 1753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91560
x-xss-protection: 0
last-modified: Wed, 16 May 2018 07:35:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 23 Feb 2024 19:15:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 56F5 1 KB
643 B 32ms
25ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 10:57:40 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 10:57:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 04E7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 557d9de19daf142dec6fe9a23a8c2afc88973d20b2ed55b8a11b4993a563bf09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88FA 42 B
64 B 108ms
66ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-HHd-yYTTEbwuIzhSFWtko1d9BdcDxypSo1Aq58rxvD0_wpAUtzFW3xzEd2tb4GxWX-JKJQWSxv7zC7MerloFp6mu6j_nTaat5dP4L9VUpAV9npiIU2Zyp0ZG7StMIc2-8Ay1VA&sai=AMfl-YTCRpsBZYNDZTRT7pGYHWvaj8cmOWD5nGTqN2cwgU39deefllHErOSGZfB2NXbZFvCrz3JIU6_8aAhM&sig=Cg0ArKJSzLC9xTJcc0v0EAE&cid=CAQSGwDUE5ymh0Oou820qNg97lwMK2tZ760w85NOuxgB&id=lidar2&mcvt=1002&p=0,0,500,180&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677181497491&rpt=338&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE1B 42 B
64 B 76ms
66ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswh6R6nerQo-g6YysRUFRK6ytz3nC8PJUsrV57lODQt-EQs-U-D0OHUP8fWcz-Ala0yKHsRP1kDZ-bqW2UJfGJ5kWCWsr_yVgblSuwqdjvdiXh5YVCXyuXJvY4fXfjgQbWQKeepg&sai=AMfl-YTt22DoiDPwiKtk4re4vo8qL3jUb8h-nqiWB6VXECfVucXS002T6jz2A1gLC-QCf45SHhzyp85Yj7Ak&sig=Cg0ArKJSzNm0j0Enb0RSEAE&cid=CAQSGwDUE5ymh0Oou820qNg97lwMK2tZ760w85NOuxgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=150,821,1001,1001,1001&tos=150,671,180,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677181497496&rpt=437&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 43DB 6 KB
672 B 54ms
54ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Feb 2023 19:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 19:13:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Feb 2023 19:44:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 43DB 2 KB
765 B 27ms
26ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:55:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 43DB 22 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 43DB 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 43DB 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:28:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 43DB 0
0 55ms
54ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBCw1zxZ48dwppB2cBeOUmoU8PRt07sJ8Ysq9AZys4bhPrRaUY2XkV5LVTTjhQ6JQZYQd8lIX2LoGSSx83uFVZUW5Ycw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43DB 158 KB
48 KB 84ms
83ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 43DB 33 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 43DB 0
0 69ms
69ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Csu2bOcL3Y7GfHovOZsXtlsAG_pyoqW7pkOGK6RCn3bqi1ggQASDi_fQFYJXikIKgB6ABl7XtkyjIAQmpAg6rYzrJy7E-qAMByAPLBKoE2gFP0GFRIqEagLSm58t6mT_2f-DAFA1ZPOoTzJxJG41EHvPYFR4HtTbvz0CbagGwliB--zOZ3C2W023p_9IYK5d0XgP1ZcFE6vZdbHeKv1hUiDnGBhtfnfU5w5Gv88JzylxJMiyOtQ4HSkNGLC7HUFQrK7RiZDH2TaxbRs-K7efyurCcmT2nPCNZW7G40P0TDXYm_P00JdEkcLrjuj4vhmLB_bDzrpMpEQ2GXPotXd0GtTd3lJQ55CS0dN8ZAY60yFWq_h7Y62hfouYlZigtWk2eaI8MpHEONozT_cAE0ZSPhPADkgUECAQYAZIFBAgFGASgBi6AB5ftvfMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9oYF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBmBYBgBcBshccChoIABIUcHViLTcxNzYzMjMyMzQ0MDU2MzkYAA&sigh=soqmlTr-xzg&uach_m=[UACH]&cid=CAQSPADUE5ymYwNfDqJmJbOh9RCJy3O5aGWEclpuV3JUPF6e3IKycAel9auNLzktZD_m6r9qJ0zSFvGdSfxVrxgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Feb 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/12961143382938824289/ Frame 43DB 35 KB
35 KB 62ms
61ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12961143382938824289/2728354180183721846

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72003b7a3185b65621b1221bee872ff0141fe767e88f1b9cebafd1245c9710e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36194
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 22:24:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 19:44:59 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 56F5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGVS-wsEsOUI5tZbgIwsUQU&google_cver=1&google_push=Aa02lx_9TnMVDSh-mpKBJNO5o0FGD_TqnTc6heVqIJpdmKnO91vAqgxS8DGjyHpwqUCDidtyoy-gW2sQXzlvHmRaULhMQnwbL9HTWFw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkzNjgzNjcwMjExNzY3NTIwOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1

43 B
398 B

68ms
15ms

Image
image/gif

46.228.164.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1
Requested by: Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/
Protocol: H2
Server: 46.228.164.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 56F5 35 B
465 B 62ms
8ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKoa0Fi-hwGBo0Ll9bthanI&google_cver=1&google_push=Aa02lx9SLHWJJi7u2yfFs4YNrAntyMI-yEbdDXhZW1s0l66MDYeob1mLuBndFzicvn4VjrOyssDgSFtnh6rtQRZccMCPPDRoGu_APbY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 56F5
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG1EKHOavQzWcewJMCClCvs&google_cver=1&google_push=Aa02lx_-H9AKBFjta_Z8KtrcjHDpLOh_iFU5uatjKCLLs06YzBZrv1NwZNYrS3nraPN_I3musUkQKGFKt4y...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_-H9AKBFjta_Z8KtrcjHDpLOh_iFU5uatjKCLLs06YzBZrv1NwZNYrS3nraPN_I3musUkQKGFKt4ynoTud7VXAn9fabjhyvXk&google_hm=CmFXTgXkTiGE5FIIL...

170 B
188 B

39ms
39ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_-H9AKBFjta_Z8KtrcjHDpLOh_iFU5uatjKCLLs06YzBZrv1NwZNYrS3nraPN_I3musUkQKGFKt4ynoTud7VXAn9fabjhyvXk&google_hm=CmFXTgXkTiGE5FIILVMmAAk

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_-H9AKBFjta_Z8KtrcjHDpLOh_iFU5uatjKCLLs06YzBZrv1NwZNYrS3nraPN_I3musUkQKGFKt4ynoTud7VXAn9fabjhyvXk&google_hm=CmFXTgXkTiGE5FIILVMmAAk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 56F5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGG6pN7iu182A7f_3FGiq64&google_cver=1&google_push=Aa02lx-BLUO8_Hd0Mw8vSySJmLbX9GC2iqtNr8byotFpwCGAGTSV7Cu2aIrZ26UfykI0YokHZX3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVISUs3MkQtMVotVjAz&google_push=Aa02lx-BLUO8_Hd0Mw8vSySJmLbX9GC2iqtNr8byotFpwCGAGTSV7Cu2aIrZ26UfykI0YokHZX3vBNfcaM0mZJxFFzxFLHDGLsqKyZQ

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVISUs3MkQtMVotVjAz&google_push=Aa02lx-BLUO8_Hd0Mw8vSySJmLbX9GC2iqtNr8byotFpwCGAGTSV7Cu2aIrZ26UfykI0YokHZX3vBNfcaM0mZJxFFzxFLHDGLsqKyZQ

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVISUs3MkQtMVotVjAz&google_push=Aa02lx-BLUO8_Hd0Mw8vSySJmLbX9GC2iqtNr8byotFpwCGAGTSV7Cu2aIrZ26UfykI0YokHZX3vBNfcaM0mZJxFFzxFLHDGLsqKyZQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 56F5
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPHumUvSRHlxzb6zO7FK6pc&google_cver=1&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZ...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPHumUvSRHlxzb6zO7FK6pc&google_cver=1&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZwSIpOBpI3jOEoI&google_hm=GNNAtGZHAXxklttnSHy...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZwSIpOBpI3jOEoI&google_hm=GNNAtGZHAXxklttnSHylSDTh

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 23 Feb 2023 19:44:59 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mfu4fAnJ-DTlRXmHApX7vdykn9E1mgp8K_QCUxca3kDragsQUwQrILKDU8aMFQ-krU7Hd4supg2zgwbhpZwSIpOBpI3jOEoI&google_hm=GNNAtGZHAXxklttnSHylSDTh
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 56F5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA7Zfc_YBWQqDtjdvq0dyPE&google_cver=1&google_push=Aa02lx9-8hcNggqGNngf1ucguQHyYh6Fac4i9BJZhMJPTZNqSnD4L_XXjraJSxFlVaF_fIFHOa...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx9-8hcNggqGNngf1ucguQHyYh6Fac4i9BJZhMJPTZNqSnD4L_XXj...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx9-8hcNggqGNngf1ucguQHyYh6Fac4i9BJZhMJPTZNqSnD4L_XXjraJSxFlVaF_fIFHOaVLVGJF6Tna0jtVKwD_vcuI6_SvlvJe

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS15OE56OUVkRTJ1RlNIbDZrT0diRWtlMENIWGhvMlFkb35B&google_push=Aa02lx9-8hcNggqGNngf1ucguQHyYh6Fac4i9BJZhMJPTZNqSnD4L_XXjraJSxFlVaF_fIFHOaVLVGJF6Tna0jtVKwD_vcuI6_SvlvJe
date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 56F5
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDZ36JhiF8_nUWSurR7JPrE&google_cver=1&google_push=Aa02lx-tpg1hW374U...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDZ36JhiF8_nUWSurR7JPrE%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg4NDY2MjQyMzQzNzI0NjA1MQ%3D%3D&google_gid=CAESEDZ36JhiF8_nUWSurR7JPrE&google_cver=1&google_push=Aa02lx-tpg1hW374US8j2xwHlz3w3b7h4M...

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg4NDY2MjQyMzQzNzI0NjA1MQ%3D%3D&google_gid=CAESEDZ36JhiF8_nUWSurR7JPrE&google_cver=1&google_push=Aa02lx-tpg1hW374US8j2xwHlz3w3b7h4MVJt-JwR3gkdO90fE-c-5LMFmi8-3TJCARn2WNed3ghSxOcfBG0LUXGusbwmFvffU9tqC0

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 23 Feb 2023 19:44:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f790640d-9e34-4b9a-92d2-a377a2db075d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg4NDY2MjQyMzQzNzI0NjA1MQ%3D%3D&google_gid=CAESEDZ36JhiF8_nUWSurR7JPrE&google_cver=1&google_push=Aa02lx-tpg1hW374US8j2xwHlz3w3b7h4MVJt-JwR3gkdO90fE-c-5LMFmi8-3TJCARn2WNed3ghSxOcfBG0LUXGusbwmFvffU9tqC0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 56F5 0
12 B 30ms
29ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsTlnpUSnSoAOnZeauwfgyK35mrUYSmvXUCP7FWKrRejM0J5nsC46srFAF10OTeU9Xz-YC6Pw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 87AA 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 10:57:40 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 10:57:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame E724 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.23~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=4&bdt=2382&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0&nras=2&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=tm1D8VTut2&p=https%3A//krank.de&dtd=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
DATA 200
OK truncated
/ Frame 43DB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e896956b728d5be1e57c3cb2dc64f5553d255b963820dfb13cbaf715a1aca8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4060 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_LTq4VB9vq27oUJy29FQGwjiOXGtXS24yOc3DOOV__uA8wF019jc7IuDHN8BNFdx63Va-MM5KabNAXQOUzZ8wxzKe_49_FFX_u9xy4vjav2DfI3N2QMgEFczVJA_2NZj6biMDzg&sai=AMfl-YQDkosSUcSa5rO7OMREgJ6QtokyKWOm0yC48UjUI_vRmIo56RFbySmwBOKKN7gStri9X7VXQYJ3hpgZ&sig=Cg0ArKJSzBlH3O1XQ1kXEAE&cid=CAQSGwDUE5ymh0Oou820qNg97lwMK2tZ760w85NOuxgB&id=lidar2&mcvt=1014&p=0,0,500,180&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677181497494&rpt=455&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 87AA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1&google_push=Aa02lx-c9A9D_1nW-CcpW2IqYc50xhbQlkIHxFexmgWUHII7s5ysWmBgkraL46apPMgHdBuxHGP3KQSUbL5d0gw9_Rz9Js-wHVxC3B0
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg2NDc3OTEwODA3OTc0NzI3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1

43 B
398 B

67ms
14ms

Image
image/gif

46.228.164.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1
Requested by: Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/
Protocol: H2
Server: 46.228.164.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZDkSo3Er-j8BtnGbQRN28&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87AA
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYYGkl6xEpG67MJFVfZc2k&google_cver=1&google_push=Aa02lx9pQehIWSWGd1exXNyEWn5ldxbUeLzeLzDod4ylAP_5pGtDTqkp_FpADAhxpJjh4J1YyW-w8c6xzvSzIN...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx9pQehIWSWGd1exXNyEWn5ldxbUeLzeLzDod4ylAP_5pGtDTqkp_FpADAhxpJjh4J1YyW-w8c6xzvSzIN3rTdvPUsmg0M9pclE&google_hm=hmP3wjrJpwX7Hx...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx9pQehIWSWGd1exXNyEWn5ldxbUeLzeLzDod4ylAP_5pGtDTqkp_FpADAhxpJjh4J1YyW-w8c6xzvSzIN3rTdvPUsmg0M9pclE&google_hm=hmP3wjrJpwX7HxMR9w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63F7C23AC9A705FB1F1311F7BLIS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx9pQehIWSWGd1exXNyEWn5ldxbUeLzeLzDod4ylAP_5pGtDTqkp_FpADAhxpJjh4J1YyW-w8c6xzvSzIN3rTdvPUsmg0M9pclE&google_hm=hmP3wjrJpwX7HxMR9w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63F7C23AC9A705FB1F1311F7BLIS
date: Thu, 23 Feb 2023 19:44:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87AA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO7C6qh2UKAVQjMGkryCzho&google_cver=1&google_push=Aa02lx_hC1GjExzSUv_jRxbWRuJKkpvSWVPVEgohjezj4WV50ZDTxjyPDr62mqo6d13n5-gTQtubpPEOsqpoI7...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzQzOTY4NzY2NTY0NTcxOQ%3D%3D&google_push=Aa02lx_hC1GjExzSUv_jRxbWRuJKkpvSWVPVEgohjezj4WV50ZDTxjyPDr62mqo6d13n5-gTQtubpPEOsqpoI73ikB...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzQzOTY4NzY2NTY0NTcxOQ%3D%3D&google_push=Aa02lx_hC1GjExzSUv_jRxbWRuJKkpvSWVPVEgohjezj4WV50ZDTxjyPDr62mqo6d13n5-gTQtubpPEOsqpoI73ikBd0PmmUIRqqAfE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzQzOTY4NzY2NTY0NTcxOQ%3D%3D&google_push=Aa02lx_hC1GjExzSUv_jRxbWRuJKkpvSWVPVEgohjezj4WV50ZDTxjyPDr62mqo6d13n5-gTQtubpPEOsqpoI73ikBd0PmmUIRqqAfE
Date: Thu, 23 Feb 2023 19:44:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 trk
ag.innovid.com/ Frame 87AA 43 B
298 B 454ms
31ms Image
image/gif 2a05:d01c:1d8:8100:f325:981e:6456:70dc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAi3StZwW9a_QzuHfw9Vi8s&google_cver=1&google_push=Aa02lx-XWsjIRGF7HWdXHQQADXtvWsPV3CN6ZCZDMhuTaMWtNeni3Yc-dH-J7gxrOvLSlg7O2egWTwEteLNe7Jz1n6Ew5uEHJHOB5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:f325:981e:6456:70dc -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87AA
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPfBB3F7QRWz4gmjq8TkN-M&google_cver=1&google_push=Aa02lx8R7-efcILvBZuEqXxq8RhdiyqjqBgL-kaksVAELTYvs6uuvIejJAfhnJuTbB-2F1ZqnOU2v7ZN0p8cGhVn...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8R7-efcILvBZuEqXxq8RhdiyqjqBgL-kaksVAELTYvs6uuvIejJAfhnJuTbB-2F1ZqnOU2v7ZN0p8cGhVnukzp658BbvRvbA

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8R7-efcILvBZuEqXxq8RhdiyqjqBgL-kaksVAELTYvs6uuvIejJAfhnJuTbB-2F1ZqnOU2v7ZN0p8cGhVnukzp658BbvRvbA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Feb 2023 19:44:59 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8R7-efcILvBZuEqXxq8RhdiyqjqBgL-kaksVAELTYvs6uuvIejJAfhnJuTbB-2F1ZqnOU2v7ZN0p8cGhVnukzp658BbvRvbA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Otor1Uu-PGVVYJPsM22WT4T6jkcpWWnwCMjo7Y6I3e539PC_8JufQQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87AA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAuDnwIGfFJDNnxoToH84Yo&google_cver=1&google_push=Aa02lx-n78FcfZPOc3QBh8Twy3wvgVan5T2SinV_iEr9r1YmrrBaRMpjNHJzo38ni94ogyyrFvn80p31fMY7...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-n78FcfZPOc3QBh8Twy3wvgVan5T2SinV_iEr9r1YmrrBaRMpjNHJzo38ni94ogyyrFvn80p31fMY77obzcXxRX03-hgYHA0Y

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-n78FcfZPOc3QBh8Twy3wvgVan5T2SinV_iEr9r1YmrrBaRMpjNHJzo38ni94ogyyrFvn80p31fMY77obzcXxRX03-hgYHA0Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-n78FcfZPOc3QBh8Twy3wvgVan5T2SinV_iEr9r1YmrrBaRMpjNHJzo38ni94ogyyrFvn80p31fMY77obzcXxRX03-hgYHA0Y
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87AA
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEAeMR0AgQW4GdqPfUmCd8rI&google_cver=1&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wtZS_8BZW...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAeMR0AgQW4GdqPfUmCd8rI&google_cver=1&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wtZ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=X958rfYHTHWsAVhqzPKXKA&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wt...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=X958rfYHTHWsAVhqzPKXKA&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wtZS_8BZWfbtYAzAg

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=X958rfYHTHWsAVhqzPKXKA&google_push=Aa02lx_hZ9s8NaZnK9fi1sIu1KULv1oFmq6rRtQuPyakChXxYuOpwhRP89T-gPezbidoWUTjzXVjO4b7dLGx1wtZS_8BZWfbtYAzAg
access-control-allow-origin: *
date: Thu, 23 Feb 2023 19:44:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 87AA 0
12 B 18ms
14ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9qcm7wjtVBXe2k6QVZKJTgJNDgZu1kYq0Qui8UCmzZcQmWVzPXtslH1DmyJHMv7Zkelzx

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D606 2 KB
1 KB 157ms
13ms Image
image/svg+xml 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_fCOQAHrmwKGa0GAA85rCDReB3imEu-ZaC9PQ&u=%7C85dmtuBpoHSmtxH%2FamWMEwmRma7QsBZCE%2B6xZD9FT8c%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkOg_Kg37ZGQdbt5vRA2sT_ct2CutcC4WC6WVR2U1OXhK6VjfaqojvnImcrbivc7hQG-qdP74FDEjMACkAHW34YGfu2DCq06Tx8PxIzkbZRxNPb20awVCLoa2pPaJEwIs-CmCaEb1H9T74jhzuJjsVrWX0g1EUy4QsbsLZ6AzFUEH8X5zJ6O3pR9z9n_W3hkZfmAcLKU-ltTAvheay62bToITEBn0juqMlmmqqO-vxV7mgXvvKw47RefCTilKeLq1uBCp2WoKKzB1YJjHZj4RltKjXvLlvwNhZXeBTT1htmxoiFmkmI-vvW3-T4kqX_7Cagd1RU8HuSnWuVnBPJVauqR1jkXiBfPjenYhokcEBdBSWwEt9R3PXE72x-v6Z4aZ-YHrF7yL2HL0DomJdSvb4TKu1h7DP5zzB9EZqrRFJN7vuTMEp3sLcxNl449xztHzL3CVaqploHZfFzzOwoDHbIb5OpPxkAwzq2sCQ9MGq-Bp3BDDIqdTJRnrDiHspHp9-MSBKSLtcq2trTTN1cXBzANri46Z0AH4noef6tzXrQliEMA3-numesYxxO_rwXS80w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiPIhOcL3Y-zcHobaZqzzvPAMyZ7SsVz1kd6-sQHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzE3NjMyMzIzNDQwNTYzOcgBCakCDqtjOsnLsT6oAwGqBNABT9Di4pvUruL4fZ2A1N_aiQy1oe4Q5HxAYNNBkXhyi5VsfJIJN57hWzN2UFj2f1VLZcOlHbXip9VxqGBH8jcjZUc3aHkn8m8ujrpWSPqTUqClgM4NBiUvOP0cGNOpMYtC4BCkU6CLvRGBtjV5ftVx2e8PoA0H4g2PYuO0F-opABE_B7W_YHOMOdGnGTbDsOgEEo2W9QwDOwmKGzt9ZWrlQryclfEHYgjG65fiQYOszzTtqGxLF-1ka7PRcXCeWSlw4M7PG0WnPSRNPzTI7mo4JIAGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Zv1PGBs9fdOFaVXnGJPzlsw3eYQ%26client%3Dca-pub-7176323234405639%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D606 2 KB
1 KB 166ms
22ms Image
image/svg+xml 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D606 308 B
636 B 144ms
18ms Image
image/svg+xml 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D606 293 B
621 B 140ms
15ms Image
image/svg+xml 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame D606 43 B
348 B 374ms
28ms Image
image/gif 178.250.1.6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=W-E3wSyp-9bFGyRRxIB1s92NKPGN21FO2w-Emtbd419qW7Esh5uhD2hadcQAcoImGkQEy2xcluY049yE84xmIeo_aq3t0X9n_qz5cq7phwavZK7EyWqMqOXTvtL9QMeQmjelioFA4quAMAvY0asBOzr9b6gVbEHL7VN03_OOSZplEG4MGF4aHlEy5so-zT5tr00pJDOpXtt_8jzXhi0XtRL3TUda8wmUpMcj1ivXyhl1TERpJ-9cTJCqDKRYwMo8kzJC0ZQGxmHzbyNmxnfM0rS_NnpSzTxdws0TdmPNmTi42lZP_eq6_58lsFDctN_jn0Lbqx6b7wJACPo0dSr-NFc7TUu-I8chgrlf_jePHVzJ369UQl9amI28ng5_c6bB8zTOiVXhgsWLQ4O02M4tD6q_zG4GB2evJ2FxEuWIlMA8850vkF1xUYENda6QOUlx8026DA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1828881
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 43DB 15 KB
16 KB 84ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 26514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:23:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 43DB 15 KB
15 KB 105ms
43ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 21868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:40:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 43DB 15 KB
15 KB 87ms
26ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 23463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:13:56 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame D606 2 KB
899 B 120ms
23ms Stylesheet
text/css 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D606 12 KB
6 KB 106ms
14ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 10 KB
10 KB 553ms
15ms Image
image/png 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=20389&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F20389%2F170807%2F876b816f67bc4c5fbf7b3f9ee51867f6_triumph.png&v=3&w=196&s=63BOeqURa2qsnPj4DCZvkiJ8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

fc881f13aad05a2722621b482c74c9616f08e24d88649e11712e4d6393df88ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30998471
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10206
expires: Sat, 17 Feb 2024 14:26:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 15 KB
15 KB 564ms
26ms Image
image/webp 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F0cd59e89-7ea1-4e05-8575-f740fe1c63ce%2F30_10212280_4063_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=vzv3RvMrSFAtvYHMXX5w4RlF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

f92ddf8fb5cb293dbe369ba6868edc99113cc7c1bf90be8a0f4106b6e5f900d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14992
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 5 KB
5 KB 577ms
40ms Image
image/webp 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F68a0e66b-700e-42cb-aa52-01973f41c7dd%2F30_10212570_0004_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=dwiSahKqIFY87VaoyX6erp2Q&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

019fd35df8c927973020ff8940bcb2e9a32b54a62ef63691af9441a3fde73aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5276
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 3 KB
3 KB 565ms
28ms Image
image/webp 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F9bae6603-5a4f-4e08-949b-374c5c7828e4%2F30_10193438_6106_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=Kqr0lWLUmkYLTBnLk-hQZkZu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

9fc87dacda393364f07032b473d47490b845c84c0ccb56727f9a0fbde9941db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2880
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 25 KB
25 KB 571ms
34ms Image
image/webp 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F798a960f-03e5-42d1-9974-c9673b7d6407%2F30_10208015_7010_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=0GY-BcUlFKLIbB9vMWdi9tEO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

f31cd2252d9a2674fa47fa5b3825f7719cf31ea35d372db7a45519b3e2e1e8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25316
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 19 KB
19 KB 578ms
41ms Image
image/webp 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F59c887be-4a4f-4f22-9ee9-7cf4704f8118%2F30_10214059_00XD_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=etWSFe-sRllnMmoK64d2bW55&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

5591232bbc3118bd3fe3b01347b3848b303f3f48d8d74fcbfd7415ea29043bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19052
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 6 KB
6 KB 27ms
27ms Image
image/webp 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2Fb5ee5060-f832-4453-9446-eeae321a91d6%2F30_10212277_4063_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=dFY7bwjyhMsyRjyBRs-kmmOf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

5f220590dc96961b2a281fd95959d8f5607ca3bf6d959961975fd30639286862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6088
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D606 18 KB
18 KB 31ms
30ms Image
image/webp 2a02:2638:3::f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F173aa5fa-fd65-4ea6-9b64-fe62a83363ed%2F30_10182560_00NX_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=K2fLeA07Lsyntmgmjigooak5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

b173ddd71e82e7a7b0a3db04fe861c23895a076daa55a66fa4e516837fe64d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18202
expires: Thu, 23 Feb 2023 19:44:59 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D606 0
128 B 305ms
26ms Ping
text/plain 2a02:2638:3::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8PJyLJs_tH8okk6WPPSxMUfIETuewkVH0uYE8es0RK84s8Fl6YzF0yPptun_DftfMFWnaoZZMc_cfNHz12lffgh05FnaWSqSIfqWfcpilkmv8Uk_0ALG42SMVAlkPh4fV8kuw9Q0CnFepWwXCKCkErCEGegue_pRt7VLgWHBo1wKXuAxODnpTo_WU82tyMj33dkAab1UTL4QjAlZd2eXY17yNJjdiQ_48eGxUp8_GYGyGBCwcr9DHfPAUFu3oUxQ8fzXnQ&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 19:44:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D606 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D606 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame C8C4 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.17~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=-M&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280&nras=3&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=zPqbrPoYjc&p=https%3A//krank.de&dtd=151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame D606 16 KB
17 KB 54ms
26ms Font
application/octet-stream 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 19:44:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CC1 0
20 B 52ms
52ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=bdt.2381,req.156,bpp.7,fb.1023,e2e.2525,fs.157,reqs.158,ress.1023,rese.1024&srt=866&e=&id=csi_pagead&gqid=OcL3Y_zlHduLxdwPm-qu0Aw&qqid=CKzdh_uzrP0CFQatGQodrDkPzg&rt=lb.151,ol.1502

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/v3.1/plugins/ Frame 30FD 48 KB
17 KB 290ms
247ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e592b53575c6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff26920bf5b1a974%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b532cc55c602698fdb3d57a243c137c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

e4b926538f8b96770915da6285c9c33404f791bc896c9a7650b9874aa950cd00

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 23 Feb 2023 19:45:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: WLiORpoiSo6DJhdaW3Gh1BP9gwNH/LDUOsMdRriBjnHvlDura+2+jC34HgwFAtbvqJjeuAh1NLiS+sF081icQA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 67ms
67ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329ac772f99f6f9cdb6e3cebf5f4c77add36c466f4564b442a7d91263247ef84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11197
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 19:44:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8B2 13 KB
5 KB 44ms
40ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:28:54 GMT
expires: Fri, 23 Feb 2024 19:28:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BEE 783 B
536 B 59ms
55ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2304e610a33f6f217b3f394e722fd3beb9db00e44666012ba310d415b2bfb3bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9xpW4jOvgu7_aa9j26X9uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-9xpW4jOvgu7_aa9j26X9uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:45:00 GMT
expires: Thu, 23 Feb 2023 19:45:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame A8B2 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6BEE 0
0 52ms
52ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=3765083088063307&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A8B2 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jWb32w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:45:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 30FD 299 B
561 B 8ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e592b53575c6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff26920bf5b1a974%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:45:00 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: VzxRD2pZvknnlBWbP6TCVSFfr5RGv2CiT3ZQEeJWdmSG5Pc4ZSMi+WDH1TDKxtOP/Xs+K4CysbdtjCzu3ZQjxQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 16 Feb 2024 06:12:48 GMT

GET TIpfwAzBz2V.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/ Frame 30FD 0
0

GET
H2 200 like.php Show response
www.facebook.com/v3.1/plugins/ Frame FB5B 48 KB
15 KB 147ms
146ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14151930151ff%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff26920bf5b1a974%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b532cc55c602698fdb3d57a243c137c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

c4d3013ebca54aeb5fdd67df0aaf80ac889c5358dafc5571adc821b2af0105ed

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 23 Feb 2023 19:45:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: R9uwkJVYsqAo1NZQGCdoVZXg4pn0ZwLCSV9FBeJfJSWa5KJ6myhrlL8JX5eKn3IGFnzB28q6S1UlqblRwWhtXg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 TIpfwAzBz2V.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/ Frame FB5B 516 KB
133 KB 8ms
8ms XHR
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/TIpfwAzBz2V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14151930151ff%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff26920bf5b1a974%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

581553dcfb8e743e9c1a4231f6f7d1dcd12594866afc80fba6339b5b266c34e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tLJU/JYejNLpCPZhotOJkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136635
x-fb-rlafr: 0
x-fb-debug: EoolEhlQNyoVhxp6mej47NucRqwsI7f5bWcUDV7l+WquAFc7gF+iqOVZVmmlp1wC+iXNDSAsVUwSqSSIHz+IPA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Feb 2024 22:13:18 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame FB5B 299 B
448 B 8ms
8ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.1/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14151930151ff%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff26920bf5b1a974%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:45:00 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: VzxRD2pZvknnlBWbP6TCVSFfr5RGv2CiT3ZQEeJWdmSG5Pc4ZSMi+WDH1TDKxtOP/Xs+K4CysbdtjCzu3ZQjxQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 16 Feb 2024 06:12:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=3765083088063307&bg=!KyilKHzNAAZYlHKzeJQ7ADkAdvg8WrtsRaMapcmwbCKBr8bDE1WoC4NSvBO9ITqMrbqxIrtchbeSeQptESlgyqqdaKiAva201-QCAAAATVIAAAAEaAEHCgBrc49UNu-UcgUSsCYouSzRFnni0kZCKS-JiaQ8Ihq-n3mihCpV3Tmpwb1stbKIdbvjqPbI57uI5pxsA1AFzWvL89f2Ox76c4rEeDUM9Ayc6yX3eUKwocDCm9QVctNwSyMXhkeGmfpjYAauwNKZAqJNZaX8GZY02ZYez9MFnA7EUmdErPtfj_sgDO3GLr8vZNRR6VM-uhbm9rwy9pMZYWRCWS2QiBZCue6sd0FoX09c1zo71o40hA6-HfwER5G8dTqkwwErZqM7WPHAHyvuy2g_flipLtmGO2okXvYlENifCv0lmhVvz6wOIrOlIHVbDCWr4C4FYUzio5UEhFeuaSWRhxClmH1Ir_w2cGFoN8BZFMruAqKEjY4v-75JnfB_WM_0QyuIPpUVksEMKRsx69x-rOZzRm4JNuzifLIG6EtDP5kvd9SZ2bK4j5XjbjUXDThSHB2m9yVmG0H3kuEiUedIeakEI8f8uggZ-cio9EzjSR3uoM_RRNHpUUlU8PtzOKK6gFBCjckVe-R2ConMvDyShHYfnvV-MEFqEPUYbl93Sg_s90rbDNGaQTFxjiD23ipRPNiSTBKALCbrq5JIvec7yw1G4IPbQ0vKi0I2qRta2ED9z4qzn8TAu15SCQ-Yo94VoLFttZCh3qTY_MDrEEYFDR0aq-LVfCFsqaYP4Sci0VBgAwGOyX6rnsKZ0rTU8BZkJeS6jfOnVqSRFmDcocMeHXsoRkNbZzombdeVKmfgMIEplpxNnSqXra9JSj9ktbfoPEMenou5MEioIT9IlT3ZCON4D4XGmc9yxt6NuhvTJjzzCpjoUbWTRybY1QhfOb_C2Pz4r6o1ByBx141tln71w4qi5cU8d5LmA1XokjWZMCAdpJrpoIVRONhs_p4yviSnx78RkT9L3HhVFQPUovFZuvmxLEdOAPLS1KAsIhagSk5UDwWkMCEuUdefPbKfkxhEeTckXczrhinX20ECQJX6vV39TOMFlFXABfvNBBfVcl2GHGlMA3Gr93iHPbyU0fxvlCuoiUjoqCQsm7E10WQ29w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/TIpfwAzBz2V.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
krank.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 80h6mee4vkkp4ohv329jcfe8rh
.krank.de/	1970-01-20 09:54:27	Name: _gid Value: GA1.2.329187595.1677181495
.krank.de/	1970-01-20 09:53:01	Name: _gat Value: 1
.krank.de/	1970-01-20 19:29:01	Name: _ga_QVNJPTS5GE Value: GS1.1.1677181495.1.0.1677181495.0.0.0
.krank.de/	1970-01-20 19:29:01	Name: _ga Value: GA1.1.1551276956.1677181495
.krank.de/	1970-01-20 19:14:37	Name: __gads Value: ID=cd8c233ee1640d6c-22da02b0b5dc0005:T=1677181495:RT=1677181495:S=ALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ
.krank.de/	1970-01-20 19:14:37	Name: __gpi Value: UID=00000bbb22ce6344:T=1677181495:RT=1677181495:S=ALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg
.doubleclick.net/	1970-01-20 09:53:05	Name: DSID Value: NO_DATA
at.bahn.de/	1970-01-20 12:02:37	Name: exactag_new_gk Value: a6138a5ffe444d3cb72086edce42cdb2%7c24.04.2023+19%3a44%3a58
at.bahn.de/	1970-01-20 14:12:13	Name: exactag_new_uk Value: 5cbfb802683e49d69a0f1327b11273cb%7c
at.bahn.de/	1969-12-31 23:59:59	Name: session_session Value: 931a55b576164021ad177f9f
.3lift.com/	1970-01-20 12:02:37	Name: tluid Value: 2992502372110491737036
.blismedia.com/	1970-01-20 18:38:41	Name: b Value: 63F7C23AC9A705FB1F1311F7BLIS
.adform.net/	1970-01-20 10:33:20	Name: C Value: 1
.de17a.com/	1970-01-20 18:31:25	Name: guid Value: 1.7693920172189917738
.1rx.io/	1970-01-20 18:38:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b75e675b-f809-4389-b840-4c07b0787d4b-003%22%7D
.adform.net/	1970-01-20 11:19:25	Name: uid Value: 8542571388638798823
.doubleclick.net/	1970-01-20 19:14:37	Name: IDE Value: AHWqTUktymt0k6wGDWT4OMuaFApJqLItvuynxyj_vPxQCPiBgTqPwHaV4BMIpYqBtCQ
.targeting.unrulymedia.com/	1970-01-20 18:38:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b75e675b-f809-4389-b840-4c07b0787d4b-003%22%7D
.analytics.yahoo.com/	1970-01-20 18:38:37	Name: IDSYNC Value: 18yx~2a5v
.yahoo.com/	1970-01-20 18:38:59	Name: A3 Value: d=AQABBDrC92MCEPG4bTvLzGq9LN19zkuu9cwFEgEBAQET-WMBZAAAAAAA_eMAAA&S=AQAAAhlumsfobI1hK3IclnUprno
.quantserve.com/	1970-01-20 12:02:37	Name: d Value: EB4BCQGuKIEA
.quantserve.com/	1970-01-20 19:23:15	Name: mc Value: 63f7c23b-102d3-f1541-5a2ce
.ctnsnet.com/	1970-01-20 18:38:37	Name: gid_CAESEG1EKHOavQzWcewJMCClCvs Value: 1
.ctnsnet.com/	1970-01-20 18:38:37	Name: cid_0a61574e05e44e2184e452082d532600 Value: 1
.lijit.com/	1970-01-20 18:38:37	Name: ljt_reader Value: GNNAtGZHAXxklttnSHylSDTh
.adfarm1.adition.com/	1970-01-20 12:02:37	Name: UserID1 Value: 7203439687665645719
.adnxs.com/	1970-01-20 12:02:37	Name: uuid2 Value: 3884662423437246051
.360yield.com/	1970-01-20 12:02:37	Name: tuuid Value: 5fde7cad-f607-4c75-ac01-586accf29728
.360yield.com/	1970-01-20 12:02:37	Name: tuuid_lu Value: 1677181499

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.11~rp.4&daaos=1677128318772&w=1140&fwrn=4&fwrnh=100&lmt=1677181497&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677181497301&bpp=7&bdt=2381&idt=7&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd8c233ee1640d6c-22da02b0b5dc0005%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MafeEa_FBXViOfTrV9c1q93pnhtjQ&gpic=UID%3D00000bbb22ce6344%3AT%3D1677181495%3ART%3D1677181495%3AS%3DALNI_MYPkA_-5PycY0Cx6ZLk8OM7OIvorg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3966111149926&frm=20&pv=1&ga_vid=1551276956.1677181495&ga_sid=1677181496&ga_hid=1513102891&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44777876&oid=2&pvsid=3765083088063307&tmod=1136915881&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=wT5iLDr0ii&p=https%3A//krank.de&dtd=156 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-7176323234405639&fa=3&ifi=11&uci=a!b&btvi=4&xpc=2eEf7i4V1P&p=https%3A//krank.de Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-7176323234405639&fa=1&ifi=13&uci=a!d&btvi=6&xpc=vdRC1d6Fiy&p=https%3A//krank.de Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-7176323234405639&fa=4&ifi=12&uci=a!c&btvi=5&xpc=G4kBq15UoS&p=https%3A//krank.de Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

absensi.bella-skin.de
ad.turn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
ap.lijit.com
at.bahn.de
c1.adform.net
cat.nl3.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cse.google.com
csm.eu.criteo.net
d5p.de17a.com
dsp.adfarm1.adition.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
krank.de
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s.ad.smaato.net
secure.adnxs.com
static.addtoany.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
syndication.twitter.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
static.xx.fbcdn.net
104.244.42.136
13.248.245.213
142.250.184.226
178.250.1.6
2001:4860:4802:32::36
213.155.156.166
213.19.147.45
216.52.2.48
2600:9000:223f:1800:1b:5138:8a40:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:46c5
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:400d:802::2002
2a00:1450:400d:802::200a
2a00:1450:400d:803::2002
2a00:1450:400d:803::200e
2a00:1450:400d:806::2008
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::200e
2a00:1450:4025:401::9c
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::f
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee
2a05:d01c:1d8:8100:f325:981e:6456:70dc
3.71.149.231
34.96.105.8
35.186.193.173
35.204.103.237
37.157.6.233
37.252.173.215
46.228.164.11
51.75.86.98
52.59.64.86
62.116.173.69
69.173.144.139
85.114.159.93
85.14.248.72
019fd35df8c927973020ff8940bcb2e9a32b54a62ef63691af9441a3fde73aa8
05738513983da123b7c122bc7bd853875b13e30c16d33d37953b592691ab7e14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc81a2f2b8d0384992449ee8261f462956349c0d20f5b20bcb4183be40e1b7c
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50
157203cbd07f5e85964e9432fc9a9d747e9ddf82dbbace58e00292fdebb49d92
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2304e610a33f6f217b3f394e722fd3beb9db00e44666012ba310d415b2bfb3bd
28da93235862f265d45a9240d6f5c03641413548c659b466d32ffa46a746e37f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
3072864adfe9480b0c5cc40fbe938b5245b371f151590e1bae406d0186ebcee5
31646283b728e5faaa5361429ba05884ee7065cc958f1e25783c85b26e252b62
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f8b8985823e02530512f962b587e010c9dff8dae877e1884baff33e9ecfb86
329ac772f99f6f9cdb6e3cebf5f4c77add36c466f4564b442a7d91263247ef84
3341d0192709ffd397c35a6270b85eae8de1a3d7ba8b28b56a67fe39369f824d
37600955484561b0e9f21d1e5ac2e489506a99bb84d5cb4781785b00a2b135d1
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
444d490e7cedac709539c00eb3ebe4fae8266b4f5120c7468d6b78415243e95c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
557d9de19daf142dec6fe9a23a8c2afc88973d20b2ed55b8a11b4993a563bf09
5591232bbc3118bd3fe3b01347b3848b303f3f48d8d74fcbfd7415ea29043bcc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581553dcfb8e743e9c1a4231f6f7d1dcd12594866afc80fba6339b5b266c34e7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5f220590dc96961b2a281fd95959d8f5607ca3bf6d959961975fd30639286862
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b948ab983e040af7125bcd52c801d56c2eae8c2709bd12e83776192343d4450
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
6d16bd548c8a5df0bebd173ba1d66e58df94a135b4505ab417a1cf733c2991dc
70153df69d938fbfd9831d10b022c660a340a79b1dcb4f70a6371cc3c5367af8
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
72003b7a3185b65621b1221bee872ff0141fe767e88f1b9cebafd1245c9710e2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
7aa96db279ee5f23b1755fcc9bac1efd044a73be874aca089c43ab694f0e4ece
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90db7ccfb146d8804bff7f36148b14e7b307859077b3e7b52f55777731e65fa3
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
92dc7c53b8bea985bd33177fc892a5e10ca43627f61df06efe0d6165818f62c7
96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a
981224da5709221a53ce1d7c67872d2779fb00ecc750d91c6b3dc46d024bb406
9a6540ccc15b5024b232b24c71adf5dd1cc4a56829f709ef5cd3a48d93b26031
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d3792218418d47c24e01a891a40e8db43476d3aa7aecd22660f7f375742d8a9
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fc87dacda393364f07032b473d47490b845c84c0ccb56727f9a0fbde9941db9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c6f96805e182d290a0b7ff71f72d3c9898108d0c7b81324510a0d3f3a058b7
a6d6ef13a4ad46bf5fb1335e7c93611b6aeecc44208e9cf744c524abab55fc0e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1
a83e1a6466a90a75cc9b0480eb23cbc81631a4e4886bd12bdcf876a46747b817
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a89a5191232cf6633c0aaa8a85e2aa55a34fe15f5dc9a1a89ed7c0c117521c4d
aa59851be1a2b2ad33b18eea574c65fffd440d3a269e7ca1856f6d0684544751
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adc911406234d328ce3d4d5168b49a28e1f3b2be8a030e94ed1471ab083a3e1d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b173ddd71e82e7a7b0a3db04fe861c23895a076daa55a66fa4e516837fe64d2d
b4170fbefa369102b379ca6a41b01bf303452549627b398926b26b58c89bae11
b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c446fba1ca9de796111160202174081ab3d82e65771acf8200a7c96ab1719a7d
c4d3013ebca54aeb5fdd67df0aaf80ac889c5358dafc5571adc821b2af0105ed
c901f6fdf97c666548546f46fe4db9455c08cc8e724207645e0841893a5a07bb
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df7d1512d1274b7b2dd2245e43b1f852af00815baba427bcd4177069de4e520c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b926538f8b96770915da6285c9c33404f791bc896c9a7650b9874aa950cd00
e896956b728d5be1e57c3cb2dc64f5553d255b963820dfb13cbaf715a1aca8ab
e9213fa7b9104271f11244b01baa6d90edfd0594ebb53ef73e7b92230c200d6e
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
eee4cfa769b7416160f34ecbc48ddc2086388350baab9d29d30ea3f165b6fbab
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31cd2252d9a2674fa47fa5b3825f7719cf31ea35d372db7a45519b3e2e1e8d3
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f92ddf8fb5cb293dbe369ba6868edc99113cc7c1bf90be8a0f4106b6e5f900d8
fc881f13aad05a2722621b482c74c9616f08e24d88649e11712e4d6393df88ea
fd67bf615bffbda0e943aab06139a1ca766cf13c8f29dd8ebb355b7ba1934ce4
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe27f3957b829c084373f77e8282630f6a717401a43ca4d41fb2bae90b0c9983

krank.de Open in urlscan Pro 35.204.103.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

90 %HTTPS

59 %IPv6

38 Domains

55 Subdomains

35 IPs

7 Countries

3005 kBTransfer

8563 kBSize

30 Cookies

9 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

90 %
HTTPS

59 %
IPv6

38
Domains

55
Subdomains

35
IPs

7
Countries

3005 kB
Transfer

8563 kB
Size

30
Cookies

206 HTTP transactions
11 data transactions