URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Submission: On June 15 via manual from IN — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 58 HTTP transactions. The main IP is 24.116.255.51, located in Kuna, United States and belongs to CABLEONE, US. The main domain is www1.odcr.com. The Cisco Umbrella rank of the primary domain is 258821.
TLS certificate: Issued by R3 on May 10th 2023. Valid for: 3 months.
This is the only time www1.odcr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
268 KB
16 odcr.com
www1.odcr.com — Cisco Umbrella Rank: 258821
591 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
246 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
39 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 107
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
ajax.googleapis.com — Cisco Umbrella Rank: 422
102 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 4835
408 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
56 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1107
601 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
50 KB
58 11
Domain Requested by
16 www1.odcr.com www1.odcr.com
ajax.googleapis.com
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 pagead2.googlesyndication.com www1.odcr.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 www.google.com www1.odcr.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www1.odcr.com
2 ajax.googleapis.com www1.odcr.com
2 www.gstatic.com www.google.com
googleads.g.doubleclick.net
2 fonts.googleapis.com www1.odcr.com
googleads.g.doubleclick.net
1 www.google.de www1.odcr.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www1.odcr.com
58 16

This site contains links to these domains. Also see Links.

Domain
okcountyrecords.com
facebook.com
twitter.com
www.kellpro.com
Subject Issuer Validity Valid
okcountyrecords.com
R3
2023-05-10 -
2023-08-08
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
www.google.de
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh

This page contains 7 frames:

Primary Page: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Frame ID: 76253194170E937CAFA3B214D0F71212
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Frame ID: CBAED1719EFD5D3B73632158401C1FC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Frame ID: 2615E5AC84FC3D7791D8B37105D61F5E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&adk=1812271804&adf=3025194257&lmt=1686796228&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228759&bpp=1&bdt=526&idt=197&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=8719634684539&frm=20&pv=1&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=209
Frame ID: D9C045DFA8A9528D09139280027BEB0F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: BC98363049E6C07A681404879EDD094E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC0F84F67820DFA0996D93649FE7DB40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC71799DF26D6C50DD93F4FF61F12FD6
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

"STATE OF OKLAHOMA vs. WITTEN, ANDREW " (CF-2022-00181) | On Demand Court Records

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

58
Requests

100 %
HTTPS

87 %
IPv6

11
Domains

16
Subdomains

16
IPs

3
Countries

1377 kB
Transfer

2608 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request detail
www1.odcr.com/
16 KB
5 KB
Document
General
Full URL
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
caa4f0e5d7a6730893e173e9a7d6d3a21e5fa0fcfcca2ee72daa5937a940b0eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Jun 2023 02:30:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.25.0
Transfer-Encoding
chunked
css
fonts.googleapis.com/
776 B
803 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Coda+Caption:800
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc335b12c5b5f73396644696f62a9e79e6eb7b96ce87bdd745a1c640002d0fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 02:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 02:30:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 02:30:28 GMT
application.css
www1.odcr.com/styles/compiled/
112 KB
112 KB
Stylesheet
General
Full URL
https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
c524fd63771df9e6bd0d8b0e833d5fbace9d9e8017e76b912c620e2b6fd7249c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:28 GMT
Last-Modified
Fri, 03 Jun 2022 21:23:12 GMT
Server
nginx/1.25.0
ETag
"629a7bc0-1c107"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
114951
api.js
www.google.com/recaptcha/
850 B
872 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1a1a7f89f83d6da638952af4c77e963999d2aef4c318cbb3c9d92428e3fdd41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
552
x-xss-protection
1; mode=block
expires
Thu, 15 Jun 2023 02:30:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33f0b89e11ca93ed7db54ecf8821eff62f2a281f26496143d68223a1448e631e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47340
x-xss-protection
0
server
cafe
etag
6732168346186009907
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 02:30:28 GMT
print.css
www1.odcr.com/styles/compiled/
2 KB
2 KB
Stylesheet
General
Full URL
https://www1.odcr.com/styles/compiled/print.css
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
51861da6b3da04814aa23a6a1d634a5866dbeb50c40acf26081ef3edc0d6b601

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:28 GMT
Last-Modified
Thu, 24 Feb 2022 15:02:20 GMT
Server
nginx/1.25.0
ETag
"62179dfc-856"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2134
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/
410 KB
165 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e8970716778d87e9cdd2c6a8ed4fb82a56dadcc9919a8eee9764e2eb4d70f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.odcr.com/
Origin
https://www1.odcr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167992
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 14:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 02:24:37 GMT
gtm.js
www.googletagmanager.com/
129 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F2ZHK9
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75abcf8c9fa16f467d31889bf3f631e3fc2ede7c56395b1a33d8583d04b52ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50890
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Jun 2023 02:30:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 14:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jun 2024 14:17:09 GMT
blackmamba.png
www1.odcr.com/images/backgrounds/
94 KB
94 KB
Image
General
Full URL
https://www1.odcr.com/images/backgrounds/blackmamba.png
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
76a403f5e85e119c2c9565bc675b49a87ab9ae43d3d97b39a4af06a03b39ef1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:28 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-176a6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95910
58-bookmark.png
www1.odcr.com/images/glyphish/icons/icons-gray/
921 B
1 KB
Image
General
Full URL
https://www1.odcr.com/images/glyphish/icons/icons-gray/58-bookmark.png
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
8d4248d4cd6fabcb727c8a440ba5c49986a713829156324239f320f8056f4e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:28 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-399"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
921
bg-footer.png
www1.odcr.com/images/backgrounds/
174 KB
174 KB
Image
General
Full URL
https://www1.odcr.com/images/backgrounds/bg-footer.png
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
cb3aa9c7caf54c0692d0191eab6a8020569267ba1cf44386700a58c5e31b73d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:28 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-2b655"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
177749
18-envelope.png
www1.odcr.com/images/glyphish/icons/icons-white/
267 B
505 B
Image
General
Full URL
https://www1.odcr.com/images/glyphish/icons/icons-white/18-envelope.png
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
2887f4f0710fc4666179d556119f5d07ee72192e1c249c93107a15455970af4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:28 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-10b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
267
208-facebook.png
www1.odcr.com/images/glyphish/icons/icons-white/
221 B
458 B
Image
General
Full URL
https://www1.odcr.com/images/glyphish/icons/icons-white/208-facebook.png
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
29f34fe02bc90597249f49b52b5ade5fbf8c2477318f789b82cea810bbfac8a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:28 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-dd"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
221
twitter-bird-dark-bgs.png
www1.odcr.com/images/
857 B
1 KB
Image
General
Full URL
https://www1.odcr.com/images/twitter-bird-dark-bgs.png
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
5ef32b812896e35656d7e3bd750d7202ebace9870cad6dfbcb4468d548451b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/styles/compiled/application.css?cache-bust=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:29 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-359"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
857
ieVm2YRII2GMY7SyXSoDRiQGqcxKwPWe.woff2
fonts.gstatic.com/s/codacaption/v20/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/codacaption/v20/ieVm2YRII2GMY7SyXSoDRiQGqcxKwPWe.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Coda+Caption:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a320fcde58b9a50fcacb68e6e3bbe3859bb2cfeb0c82ebdd75e1a975576c8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www1.odcr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 18:37:25 GMT
x-content-type-options
nosniff
age
114783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21732
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:53:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 18:37:25 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/
352 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8440350236685510&plah=www1.odcr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4151d96950f8d8d8e76e731619343688f12cd2bcdf1bd86c617d0c8c309e0c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120777
x-xss-protection
0
server
cafe
etag
17243376392690288172
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 02:30:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/ Frame CBAE
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.odcr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 17:09:57 GMT
etag
15057649708203361565
expires
Wed, 28 Jun 2023 17:09:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/
248 KB
66 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 16:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 16:56:56 GMT
masonry.js
www1.odcr.com/javascripts/jquery/
5 KB
6 KB
Script
General
Full URL
https://www1.odcr.com/javascripts/jquery/masonry.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
c910eb1a0ddae795b0896835b89a88e1a276d2f493e1b22d9272acfbd456bbbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:29 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-156b"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5483
qtip.js
www1.odcr.com/javascripts/jquery/
108 KB
108 KB
Script
General
Full URL
https://www1.odcr.com/javascripts/jquery/qtip.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
f08535ec774cc8bb46069b4527b8686031f92631fd2fc4cb18d4dd4b88a7a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:29 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-1ae43"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110147
chosen.js
www1.odcr.com/javascripts/jquery/
23 KB
23 KB
Script
General
Full URL
https://www1.odcr.com/javascripts/jquery/chosen.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
1a48cb53bd527b9d60743602c571a370a40fe49f908fb26d2a5c6cd4e6edea73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:29 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-5cbc"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23740
spin.js
www1.odcr.com/javascripts/extras/
4 KB
4 KB
Script
General
Full URL
https://www1.odcr.com/javascripts/extras/spin.js
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
98d287074f5663adea333f38974ceff009271842a56fe424400ea09f264deda9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:29 GMT
Last-Modified
Tue, 06 Jul 2021 20:45:53 GMT
Server
nginx/1.25.0
ETag
"60e4c101-ebd"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3773
application.js
www1.odcr.com/javascripts/
50 KB
50 KB
Script
General
Full URL
https://www1.odcr.com/javascripts/application.js?bust=gdd2c94d-49fb-4077-85f4-efde7fde9
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
b9bac9660f0c7be9dd8bd71bdb14030268523fa2977e1927c0ca14c9f4644578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:29 GMT
Last-Modified
Tue, 25 Oct 2022 18:18:46 GMT
Server
nginx/1.25.0
ETag
"63582886-c6d1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50897
cookie.js
partner.googleadservices.com/gampad/
383 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www1.odcr.com&callback=_gfp_s_&client=ca-pub-8440350236685510
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8440350236685510&plah=www1.odcr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da8dc8ab6f9ea3150fb41eab6f4b3b64660ab6967a39d67359ff0d369217d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.odcr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8440350236685510&plah=www1.odcr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2615
95 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8440350236685510&plah=www1.odcr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffa8f945f9895000e4fb9162531f62c857a1a511e8f92822bb386d233b3d5b05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.odcr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34343
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 02:30:29 GMT
expires
Thu, 15 Jun 2023 02:30:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D9C0
0
180 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&adk=1812271804&adf=3025194257&lmt=1686796228&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228759&bpp=1&bdt=526&idt=197&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=8719634684539&frm=20&pv=1&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8440350236685510&plah=www1.odcr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.odcr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 02:30:28 GMT
expires
Thu, 15 Jun 2023 02:30:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F2ZHK9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 01:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5141
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 15 Jun 2023 03:04:48 GMT
css
fonts.googleapis.com/ Frame 2615
6 KB
802 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 02:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 02:26:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 02:30:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 2615
2 KB
973 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 18:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
27491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Jun 2023 18:52:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2615
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEXV3xHeKZIPROsTh-gbkqKDICsbC9t5wvvGr74oR2tkeEAEg-e7lHGCV4pCCoAegAei-negDyAEJqAMByAPLBKoE7gFP0IQ3WW0ynIO2tcqp60NyniOz6ibsRoI2f-ESzXQLolP8ucETgmPgSg3-VJfTEKKrR_HFLr23JUBzVPrkR5Ub7rgEjTV2sE8f_nRaxvRs4SzySHp-ZUzymBH4OoFgsaEu7foj9WditDiN8HC-HDdEx12iDsHCj6X_EZ32yokKOaFPHemI-Hfd_InLVo8pHvnY1DRJ15FN6T10kZpKPHomZsJ0fjCjiBXkZhbmnmUd5ZzUoeDR_8RXwiQwTdv-r9p_fnCK8oujhlDn3WfqgfFcblksZAfVuv_AknLYv_iqOYNeaYv0luyoJDAR3m1TwASv7JeSogSSBQQIBBgBkgUECAUYBKAGLoAHgMHiF6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENDABdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxArgT5APYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItODQ0MDM1MDIzNjY4NTUxMBgA&sigh=c-cpANr7Vvk&uach_m=[UACH]&cid=CAQSGwBygQiD3rj4WXBNs9k_UT4AI3gn3mVcDmdJhBgB&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Jun 2023 02:30:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 15 Jun 2023 02:30:29 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/2197946265702998070/ Frame 2615
28 KB
28 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2197946265702998070/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
296ee9b1d6f9f5d0b9c579c446494421cb179822ecaefda14b030b770ac7df9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:00:11 GMT
x-content-type-options
nosniff
age
235818
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28709
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 19:56:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Jun 2024 09:00:11 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6264435793781199375/ Frame 2615
3 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6264435793781199375/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e9d40b315c50c291153d4e8f63d91dd4c257f59e944fc730f18e462ba015b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 14:40:00 GMT
x-content-type-options
nosniff
age
301829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3465
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 06:11:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 10 Jun 2024 14:40:00 GMT
truncated
/ Frame 2615
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/ Frame 2615
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 18:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
27491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8931
x-xss-protection
0
server
cafe
etag
12022837384336330993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Jun 2023 18:52:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 2615
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 18:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
27491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Jun 2023 18:52:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 2615
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 18:52:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
27490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Jun 2023 18:52:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2615
178 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 02:30:29 GMT
9c81088c85b4e7b59d5cd8ce7f87e269.js
www.gstatic.com/mysidia/ Frame 2615
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 22:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13708
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 21:46:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 22:00:10 GMT
collect
stats.g.doubleclick.net/j/
4 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-2036786-1&cid=914770404.1686796229&jid=1206127332&gjid=1665341355&_gid=2100921727.1686796230&_u=YChAgEABAAAAAEAAI~&z=1462692582
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www1.odcr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Jun 2023 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www1.odcr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=530532023&t=pageview&_s=1&dl=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&ul=en-us&de=UTF-8&dt=%22STATE%20OF%20OKLAHOMA%20vs.%20WITTEN%2C%20ANDREW%20%22%20(CF-2022-00181)%20%7C%20On%20Demand%20Court%20Records&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgEABAAAAAAAAI~&jid=1206127332&gjid=1665341355&cid=914770404.1686796229&tid=UA-2036786-1&_gid=2100921727.1686796230&gtm=45He36c0n815F2ZHK9&z=611024358
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:34:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86133
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2615
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0990fb3e371e4a2110915620bd2c5651275b356d6491da638754f9233874f6a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-2036786-1&cid=914770404.1686796229&jid=1206127332&_u=YChAgEABAAAAAEAAI~&z=1318163189
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 02:30:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-2036786-1&cid=914770404.1686796229&jid=1206127332&_u=YChAgEABAAAAAEAAI~&z=1318163189
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 02:30:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advertisement
www1.odcr.com/
379 B
591 B
XHR
General
Full URL
https://www1.odcr.com/advertisement
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
275afe0e85e8bbba7b4e6e8755f0d17bc11353e92e16a24e02207c8d73cd8ecb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Jun 2023 02:30:29 GMT
Content-Encoding
gzip
Server
nginx/1.25.0
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
41480-1383759624.png
www1.odcr.com/images/advertisements/
9 KB
9 KB
Image
General
Full URL
https://www1.odcr.com/images/advertisements/41480-1383759624.png
Requested by
Host: www1.odcr.com
URL: https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
24.116.255.51 Kuna, United States, ASN11492 (CABLEONE, US),
Reverse DNS
24-116-255-51.cpe.sparklight.net
Software
nginx/1.25.0 /
Resource Hash
7b3ecbd5bcc8b811c7c4deefcbef83c36754a3ec8cc9de0b2ceb79f3749f4791

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/detail?court=005-&casekey=005-CF++2200181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 02:30:29 GMT
Last-Modified
Tue, 06 Jul 2021 20:54:10 GMT
Server
nginx/1.25.0
ETag
"60e4c2f2-224c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8780
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2615
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 03:30:27 GMT
x-content-type-options
nosniff
age
428403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 03:30:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2615
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:04:15 GMT
x-content-type-options
nosniff
age
379575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:04:15 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2615
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 15:24:53 GMT
x-content-type-options
nosniff
age
385537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 15:24:53 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame BC98
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8440350236685510&output=html&h=600&slotname=8894641279&adk=1735473195&adf=1359420912&pi=t.ma~as.8894641279&w=160&lmt=1686796228&format=160x600&url=https%3A%2F%2Fwww1.odcr.com%2Fdetail%3Fcourt%3D005-%26casekey%3D005-CF%2B%2B2200181&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686796228743&bpp=4&bdt=511&idt=176&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=8719634684539&frm=20&pv=2&ga_vid=914770404.1686796229&ga_sid=1686796229&ga_hid=530532023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1384&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44788441&oid=2&pvsid=3272600204402341&tmod=720773700&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=01e8MRuOny&p=https%3A//www1.odcr.com&dtd=192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 21:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
192390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 21:04:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230613&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8440350236685510&plah=www1.odcr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e256c7aae0134ccd0a23e6e30c593f36ee09cf95c9fd233d4ccb9141d8cf8f8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11312
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8440350236685510&plah=www1.odcr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:30:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC0F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.odcr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18892
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 21:15:38 GMT
expires
Thu, 13 Jun 2024 21:15:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EC71
783 B
914 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
63fa72ebea72d00dcc4c2f85f7a50e4afbe27614d136478cbf1c2a8c582910a1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-calhIO2PI5aD3C4T58amPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www1.odcr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-calhIO2PI5aD3C4T58amPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 02:30:30 GMT
expires
Thu, 15 Jun 2023 02:30:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame EC71
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230613&jk=3272600204402341&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame AC0F
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 21:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
192390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 21:04:00 GMT
generate_204
tpc.googlesyndication.com/ Frame AC0F
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?nbypGw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 02:30:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2615
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1hILI4YS7waOA_mB_7g_FtcnN82t2s7H-RBuZ1Mo_Q6TS4XOy7Rs7DR78VYtXTTfLT2qLp51xIWo38NQHN9nwYOf_5LazoSYzg19nZC_SpNAwO77HQsdVRjE6QJeQiivNjXoyS37Xp1ZU&sai=AMfl-YQ_wLd0lsjLHWwuSXGYZKe77sBNF22FffyHNzOtQZnw8bKVMHyxJblLpNEsNV5V0Bb5HAxPgyx6a8Al&sig=Cg0ArKJSzIiHiHmVW3KyEAE&cid=CAQSGwBygQiD3rj4WXBNs9k_UT4AI3gn3mVcDmdJhBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1735473195&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686796228937&rpt=1120&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 02:30:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230613&jk=3272600204402341&bg=!MjGlMWXNAAaGYqkwpmI7ADkAdvg8WoPp11gmzGvW751QG_6uR47zt8Vl6tRn1r6Vv9RO32qqytCGDcj83cvVA2nVFVh_5LTfhg8CAAAAhlIAAAALaAEHCgCo3KrHhghh8T7wFNtoeq58SDQG_FszA9UWJXwU9ANbaM4v-p4-HPVY3vw9z0K2JGNa8flHJev4G_hocnbfGzOgnk_9gFkmAleUGTrx5Mbf7MOoog_kNg3hhnfNdlwBRR0burIOct81t04ZIxawrkCvwoo-9_xfChPSZ8-8V3a5ZmygEQPfzBknfWYmW6NQp9zI0w1dmHxTY2hpkB-Mbh8uMAPAk0d2vc3MmQLPC0WO32YAQbynJ9cRtDuGBrrE202UF9d5BklbHct2QKMjFAhtswe2QRLEsgw3YxnPcFoVP790eOITQnBHjnP5FI0XXwHQezW81sNATjvzexTCR6nrB0wFKPJIh9xfI3F_LMFQckq5PAL29OZiIMPaxcFFSdDKvFR3CJeKjDq1esk7Lynh0j7D06P7SDzTjeoVrfWRBLybsGkf7MLDUOjWPkvMWzo7_Oqg5zs6idp0M4sDfiuwiLcXngki_mnxOcL8G5m4BIgtjI1HgE4tXUf5vzlTwPpFC-LvBwnzakzsot7kDV6rzwDY6RJEgumH9HpNdLEr44MC6ye-SYyVdPUcN4-18FJjvyn1PGokfz6_YkkZzOPQVIaZJrAft5JIQ6VmivC0KjdiYTfHH-utuhxPim_sJHr5g9BhbhjmE6VUD0u8YdBVnPgyc82tA-LnMXWHbdRfRrXFnGP9w_x8Bd4pKGz68XmOsUrOhHhhFivKels4FQHJvAmMIAk2zrwreVRxSElCo0OjU9ahUjBt__QkMel01gnestuJJv7fkuJiPSVcjRTO4bEfAQOcV0XhRp8AsIU8yN3fY31SoXAnNevI8rgDFJQxCYt7FBefArrc7yzhU4A5vy9D3YjaG35rFE63j-Uvp-XHc_1lcLv2bqpTBT6pp3Ke3z3z9kZuUi4JbsBD7boJXVkYztu-f_uaCGCmHgyrxhVflUqJwVQJRk5pZnFjvxjRCrJOgw1n8UBv1D5axlsAgd5YYEdnJoUa2uFiVK9GssiPddPe_6KayM9GWalNxiA6q9X4CLkvtECWQZsdb0pkLw3xiN2hoTRy8qM_xJwVf4lvas0W4FDpGtyemT9ch6aODuTzyzsfkEXo7SIrRQaOYno7P7gmmHiL23QSzLbLSG1WJCww5dnhusitpR8kixYS20FLH5uXvEnjHQr3WuA1yL5qqVJIl7p1JfI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www1.odcr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer object| adsbygoogle function| getScript object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery object| recaptcha function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager string| GoogleAnalyticsObject function| ga function| Spinner function| SelectParser function| AbstractChosen function| Chosen function| get_side_border_padding object| gaplugins object| gaData object| googletag object| Browser object| application object| footer object| search object| contact object| results object| detail object| advertising object| statusPage object| viewer object| dashboard object| signup object| login object| imageManager object| billing object| linkCasetypes object| imageActivity object| financial object| userLookup object| receiveCheck object| linkButtons object| manageAdvancedTools object| payOnline object| functions function| waitForJqueryUi function| bootstrap object| jQuery1124008449679334297322 object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
www1.odcr.com/ Name: PHPSESSID
Value: bmhrheo3e6ift0ggm6qu7ve30s
.odcr.com/ Name: __gads
Value: ID=494acefcbbc93581-222b05e47be100c7:T=1686796229:RT=1686796229:S=ALNI_MbLu-OBTXQ3XdIJBjpP7xbFjUks8Q
.odcr.com/ Name: __gpi
Value: UID=00000c4f2ad328c8:T=1686796229:RT=1686796229:S=ALNI_MYgMRtmslLops5iehi9zFJsCtO0zQ
.odcr.com/ Name: _ga
Value: GA1.2.914770404.1686796229
.odcr.com/ Name: _gid
Value: GA1.2.2100921727.1686796230
.odcr.com/ Name: _dc_gtm_UA-2036786-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn7Err5eE5pzZbk0mFxl39izj0fPfozkdTJDmr5w3rIfYflnv_DhCdM5uEC-mU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www1.odcr.com
142.250.186.142
24.116.255.51
2a00:1450:4001:800::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c04::9d
0990fb3e371e4a2110915620bd2c5651275b356d6491da638754f9233874f6a7
1a320fcde58b9a50fcacb68e6e3bbe3859bb2cfeb0c82ebdd75e1a975576c8f3
1a48cb53bd527b9d60743602c571a370a40fe49f908fb26d2a5c6cd4e6edea73
275afe0e85e8bbba7b4e6e8755f0d17bc11353e92e16a24e02207c8d73cd8ecb
2887f4f0710fc4666179d556119f5d07ee72192e1c249c93107a15455970af4b
296ee9b1d6f9f5d0b9c579c446494421cb179822ecaefda14b030b770ac7df9a
29f34fe02bc90597249f49b52b5ade5fbf8c2477318f789b82cea810bbfac8a3
2e9d40b315c50c291153d4e8f63d91dd4c257f59e944fc730f18e462ba015b1c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33f0b89e11ca93ed7db54ecf8821eff62f2a281f26496143d68223a1448e631e
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4151d96950f8d8d8e76e731619343688f12cd2bcdf1bd86c617d0c8c309e0c89
51861da6b3da04814aa23a6a1d634a5866dbeb50c40acf26081ef3edc0d6b601
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5ef32b812896e35656d7e3bd750d7202ebace9870cad6dfbcb4468d548451b9f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63fa72ebea72d00dcc4c2f85f7a50e4afbe27614d136478cbf1c2a8c582910a1
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67e8970716778d87e9cdd2c6a8ed4fb82a56dadcc9919a8eee9764e2eb4d70f0
75abcf8c9fa16f467d31889bf3f631e3fc2ede7c56395b1a33d8583d04b52ed6
76a403f5e85e119c2c9565bc675b49a87ab9ae43d3d97b39a4af06a03b39ef1a
7b3ecbd5bcc8b811c7c4deefcbef83c36754a3ec8cc9de0b2ceb79f3749f4791
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
8d4248d4cd6fabcb727c8a440ba5c49986a713829156324239f320f8056f4e99
98d287074f5663adea333f38974ceff009271842a56fe424400ea09f264deda9
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9da8dc8ab6f9ea3150fb41eab6f4b3b64660ab6967a39d67359ff0d369217d89
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b9bac9660f0c7be9dd8bd71bdb14030268523fa2977e1927c0ca14c9f4644578
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c524fd63771df9e6bd0d8b0e833d5fbace9d9e8017e76b912c620e2b6fd7249c
c910eb1a0ddae795b0896835b89a88e1a276d2f493e1b22d9272acfbd456bbbb
caa4f0e5d7a6730893e173e9a7d6d3a21e5fa0fcfcca2ee72daa5937a940b0eb
cb3aa9c7caf54c0692d0191eab6a8020569267ba1cf44386700a58c5e31b73d1
dc335b12c5b5f73396644696f62a9e79e6eb7b96ce87bdd745a1c640002d0fc4
e1a1a7f89f83d6da638952af4c77e963999d2aef4c318cbb3c9d92428e3fdd41
e256c7aae0134ccd0a23e6e30c593f36ee09cf95c9fd233d4ccb9141d8cf8f8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08535ec774cc8bb46069b4527b8686031f92631fd2fc4cb18d4dd4b88a7a5ce
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ffa8f945f9895000e4fb9162531f62c857a1a511e8f92822bb386d233b3d5b05