www.real.discount Open in urlscan Pro
67.205.60.228 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.real.discount/
Submission: On December 25 via manual (December 25th 2022, 10:36:20 pm UTC) from IN — Scanned from DE

Summary HTTP 85 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 85 HTTP transactions. The main IP is 67.205.60.228, located in Ashburn, United States and belongs to DREAMHOST-AS, US. The main domain is www.real.discount. The Cisco Umbrella rank of the primary domain is 658739.
TLS certificate: Issued by R3 on November 22nd 2022. Valid for: 3 months.

This is the only time www.real.discount was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	67.205.60.228 67.205.60.228	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
8	2600:9000:249... 2600:9000:2491:a800:15:d7e1:d6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a02:6ea0:c70... 2a02:6ea0:c700::15	60068 (CDN77 ^_^) (CDN77 ^_^)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:aa00:f:1dcc:7540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
85	23

15 67.205.60.228 (Ashburn, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: vps22003.dreamhostps.com

www.real.discount	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2491:a800:15:d7e1:d6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img-c.udemycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

img-b.udemycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

ocw.mit.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:aa00:f:1dcc:7540:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	442 KB
15	real.discount www.real.discount — Cisco Umbrella Rank: 658739	399 KB
13	udemycdn.com img-c.udemycdn.com — Cisco Umbrella Rank: 43403 img-b.udemycdn.com — Cisco Umbrella Rank: 50330	763 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 156	77 KB
5	google.com 1 redirects play.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 15 adservice.google.com — Cisco Umbrella Rank: 129	7 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	62 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	94 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4227 adservice.google.de — Cisco Umbrella Rank: 6468	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 87	20 KB
2	dwin2.com www.dwin2.com — Cisco Umbrella Rank: 23200	133 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1055	699 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 324	58 KB
1	mit.edu ocw.mit.edu — Cisco Umbrella Rank: 319019	74 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 115	43 KB
85	15

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.real.discount pagead2.googlesyndication.com
15	www.real.discount	www.real.discount
9	pagead2.googlesyndication.com	www.real.discount pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	img-c.udemycdn.com	www.real.discount
5	img-b.udemycdn.com	www.real.discount
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	1 redirects www.real.discount tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.dwin2.com	www.real.discount www.dwin2.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.real.discount
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdnjs.cloudflare.com	www.real.discount
1	play.google.com	www.real.discount
1	ocw.mit.edu	www.real.discount
1	www.googletagmanager.com	www.real.discount
85	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
discord.gg
t.me
www.linkedin.com
www.reddit.com
play.google.com

Subject Issuer	Validity	Valid
www.real.discount R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.udemycdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-14`	a year	crt.sh
ocw.mit.edu InCommon RSA Server CA	`2022-12-16` - `2023-12-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.dwin2.com Amazon	`2022-09-13` - `2023-10-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.real.discount/
Frame ID: 2F6B9A15A8942AA1D6EBA35C621DA503
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 87C19773181DD346FFEF3DD3711C1C01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&adk=1812271804&adf=3025194257&lmt=1672007775&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.real.discount%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775596&bpp=3&bdt=415&idt=251&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2392261489961&frm=20&pv=2&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273
Frame ID: 45A82A55737FEC410141AFA54618EA64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280
Frame ID: 4E768241AC3CE69016B9556A8B3519D1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1454042446&adf=810568957&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775600&bpp=1&bdt=418&idt=282&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uo6ei1dOXC&p=https%3A//www.real.discount&dtd=284
Frame ID: 2F790D73953251A98C49C14C82CA85C8
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html
Frame ID: 4EE4B106DF06625259AF055189A5EE97
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A519956CF650F7ECA858A277E33AD535
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 0EE84BC1D283AD860EAD4B6B9592F295
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E10FDA386E1CC76DB25C16C2F2C8B5C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 661CF866787D45B224B6A1FB0BB6136E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Udemy Online Courses and Udemy Free Courses

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

85
Requests

100 %
HTTPS

91 %
IPv6

15
Domains

22
Subdomains

23
IPs

4
Countries

2174 kB
Transfer

4512 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/discount.real

Search URL Search Domain Scan URL

URL: https://twitter.com/RealDiscount1

Search URL Search Domain Scan URL

URL: https://discord.gg/wMWPU2e

Search URL Search Domain Scan URL

URL: https://t.me/real_discount

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/real-discount

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/saadmerie/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.webbay.free_courses&pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

85 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.real.discount/ 46 KB
10 KB 568ms
188ms Document
text/html 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 76574e52eeadeaa07fdeaa9d45d8ed311b9ccf842704d74d0ead21562e0ca33a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=31536000 max-age=600
content-encoding: gzip
content-length: 9309
content-type: text/html; charset=utf-8
date: Sun, 25 Dec 2022 22:36:15 GMT
expires: Sun, 25 Dec 2022 22:46:15 GMT
server: Apache
status: 200 OK
vary: Cookie,Accept-Encoding,User-Agent
x-powered-by: Phusion Passenger 5.0.30

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 146ms
53ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9827766-8

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42a88e962a026cbe6bbd617d152ab9c801de9bbee261b18eb8b3c1e60780b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43597
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Dec 2022 22:36:15 GMT

GET
H2 200 all.min.css
www.real.discount/vendor/%40fortawesome/fontawesome-free/css/ 56 KB
13 KB 110ms
108ms Stylesheet
text/css 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-57180-2258248599-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=all.min.css
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 argonc.css
www.real.discount/css/ 293 KB
44 KB 116ms
114ms Stylesheet
text/css 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/css/argonc.css
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 3fb92b091122dda7f7e179fecf5e812217f0182f1af17ac78230fbce9dda67a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 09:43:08 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1629884588.0-300098-1145705704-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=argonc.css
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 style.css
www.real.discount/css/ 15 KB
4 KB 111ms
109ms Stylesheet
text/css 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/css/style.css
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 15c18b5ce26b80a9d520ce1490a78bdc3610edcfb4045f6455cd3668666bd6bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
last-modified: Fri, 15 Jul 2022 08:03:09 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1657872189.0-15548-809374879-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=style.css
content-length: 4013
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 logowhite.png
www.real.discount/img/brand/ 6 KB
6 KB 180ms
178ms Image
image/png 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.real.discount/img/brand/logowhite.png
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: b42c95562d5971fbfdada39a4723afa29ff7b811c00724d12f2ec16a01954d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
last-modified: Sat, 20 Mar 2021 08:28:14 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1616228894.0-6125-286136422"
vary: Cookie,User-Agent
content-type: image/png
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=logowhite.png
content-length: 6125
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 Logoblue.png
www.real.discount/img/brand/ 5 KB
5 KB 177ms
175ms Image
image/png 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.real.discount/img/brand/Logoblue.png
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 89a4ade39b2dc6e0cd828fd6e7bdcac9b81921f24de732d9bc51e3c7e12533a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
last-modified: Wed, 27 Jan 2021 14:26:24 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1611757584.0-4804-4134082509"
vary: Cookie,User-Agent
content-type: image/png
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=Logoblue.png
content-length: 4804
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 1535382_b14f_5.jpg
img-c.udemycdn.com/course/750x422/ 52 KB
52 KB 71ms
9ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/1535382_b14f_5.jpg
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38134ab16b1b99961e50a1151e63e4ba1ef154bab64873fce165aec3c6cad534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 05:00:37 GMT
x-amz-version-id: raPM8GhOJ1R9Qh4gGURXd2tkODVvPG71
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3692139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 52984
last-modified: Mon, 08 Aug 2022 16:13:14 GMT
server: AmazonS3
etag: "af725cbbf4ac3a01b2e2942fb7464624"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: hZEFSpSyD2R7vrWBejcjN9HqgrlMWiI3zFYyhYlyAeAzf5Yy7R2hjw==

GET
H2 200 1343970_28b4.jpg
img-b.udemycdn.com/course/750x422/ 29 KB
30 KB 72ms
7ms Image
image/jpeg 2a02:6ea0:c700::15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-b.udemycdn.com/course/750x422/1343970_28b4.jpg
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48d2a6f8f1898f1fdbe0e52cf7ee6c8b72b06dec9721f2891f1cee8d745a9913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Dec 2022 22:36:15 GMT
x-amz-version-id: null
x-age-lb: 13326784
x-cdn: cdn77
x-amz-request-id: CTZN8P46NC6FE05N
x-77-cache: HIT
alt-svc: quic="156.146.33.7:443"; ma=2592000; v="44,43,39"
content-length: 29822
x-amz-id-2: 8dXe9hli6Madhwv73lclgXRU9H/lealfb/jeQ6VeXRIe2oMcTFDgNNCWK8PPzg+fD8LDe4/Q+Vw=
x-77-nzt: ApySIQd1Y8X/wFnLAFQRPUSWOKD/0nl8AQ
x-accel-expires: @1949106125
x-cache-lb: HIT
last-modified: Wed, 21 Feb 2018 04:28:17 GMT
server: CDN77-Turbo
etag: "187180f23cd3417afa1de9f7ef10fe8d"
x-77-nzt-ray: 298deb221ea63a9e5fd0a86305fbca11
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes

GET
H2 200 2c66dc4f15e2c7ad835c009b05242289_22-39f06.jpg
ocw.mit.edu/courses/22-39-integration-of-reactor-design-operations-and-safety-fall-2006/ 74 KB
74 KB 33ms
7ms Image
image/jpeg 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ocw.mit.edu/courses/22-39-integration-of-reactor-design-operations-and-safety-fall-2006/2c66dc4f15e2c7ad835c009b05242289_22-39f06.jpg

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc217b527f50063dbe93d94c7752a09c4201dc349ad5578ce5ec5377d4f0bcb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220051-HHN
date: Sun, 25 Dec 2022 22:36:15 GMT
strict-transport-security: max-age=300
last-modified: Thu, 14 Apr 2022 21:15:49 GMT
age: 24559
etag: "97a40704702da8bf93a38de3ab5f2013"
x-cache: HIT
x-amz-meta-site-id: 22-39-integration-of-reactor-design-operations-and-safety-fall-2006
content-type: image/jpeg
accept-ranges: bytes
content-length: 75450
x-cache-hits: 1

GET
H2 200 Ball.svg
www.real.discount/img/ 585 B
717 B 183ms
181ms Image
image/svg+xml 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.real.discount/img/Ball.svg
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: b350c789ab57cc3a81c7812edf95ab7e3eabc732897cffacd3f0167b0ecccfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
last-modified: Tue, 12 Jul 2022 08:19:37 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1657613977.0-585-417272804-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: image/svg+xml; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=Ball.svg
content-length: 407
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/ 5 KB
5 KB 139ms
44ms Image
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 06:08:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to: {"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type: image/png
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4904
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/play_google"
expires: Sun, 25 Dec 2022 22:36:15 GMT

GET
H2 200 main.js Show response
www.real.discount/gen/ 197 KB
63 KB 261ms
259ms Script
application/javascript 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/gen/main.js?0ceec9a7
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 846a80650ca060100958569535536c6b291c8dac7f9bc7cc61779e49cf5534bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
last-modified: Fri, 11 Jun 2021 09:05:19 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1623402319.651176-201847-98898840-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=main.js
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 register_service_worker.js Show response
www.real.discount/js/ 2 KB
1 KB 183ms
180ms Script
application/javascript 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/js/register_service_worker.js
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: f5b9791f87983c0237b084e469c9e6d6897666d791b72aadc4186b018decd896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 08:03:20 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1621929800.0-2295-3033209668-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=register_service_worker.js
content-length: 863
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/ 360 KB
58 KB 57ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment-with-locales.min.js

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.real.discount/
Origin: https://www.real.discount
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 225694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59023
last-modified: Wed, 06 Jul 2022 23:03:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62c614dc-e68f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9W8AiO2MgYFIL8u6jiQQf%2Bq6LkWJ8giAXWvhY3P%2FGjyA89%2Fjty84vP01ExJj215bWaOtRPE418wj3eSgE60UFVmWLwN3CyIqianBh2b%2FXA0p%2Fz%2F8txmvf0SdIlxIxp7jJAeTFU4Cl7teQZG0Ghwfq3G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77f50df369ba2bc7-FRA
expires: Fri, 15 Dec 2023 22:36:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 276ms
120ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49cdfd567154324c58df00ff2758ae96af314723dbc375bff880c39ce580f411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49529
x-xss-protection: 0
server: cafe
etag: 9063896122762314967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 22:36:15 GMT

GET
H2 200 pub.330563.min.js Show response
www.dwin2.com/ 445 KB
127 KB 206ms
137ms Script
text/javascript 2600:9000:214f:aa00:f:1dcc:7540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin2.com/pub.330563.min.js
Requested by: Host: www.real.discount
URL: https://www.real.discount/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9db4269d2963b6e861797020d82893c0b8b4da5dc8ee8082ab7461f3d437a15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
date: Sun, 25 Dec 2022 22:36:16 GMT
last-modified: Fri, 23 Dec 2022 18:23:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"a20bc0547ccda9c89a9ce1475311b3fc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=600
x-amz-cf-id: u3Vdg4hKf6Uofw9pd-stx84nQsCcYZtcR4BRRTp_T5qne1OfcEIa4w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9827766-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Dec 2022 21:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4298
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 25 Dec 2022 23:24:37 GMT

GET
H2 200 headerbg-sm.jpg
www.real.discount/img/ 62 KB
62 KB 107ms
107ms Image
image/jpeg 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.real.discount/img/headerbg-sm.jpg
Requested by: Host: www.real.discount
URL: https://www.real.discount/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 0e5af6a6429718f411d5d737ba6a49aa28cdfc1a147b0e4ad1473bfd56da9d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
last-modified: Wed, 25 Aug 2021 11:06:07 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1629889567.0-63188-2961708697"
vary: Cookie,User-Agent
content-type: image/jpeg
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=headerbg-sm.jpg
content-length: 63188
expires: Tue, 24 Jan 2023 22:36:15 GMT

GET
H2 200 fa-solid-900.woff2
www.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/ 74 KB
75 KB 127ms
127ms Font
font/woff2 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: www.real.discount
URL: https://www.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer: https://www.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Origin: https://www.real.discount
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-76084-1328752507"
vary: Cookie,User-Agent
content-type: font/woff2
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=172800
content-disposition: inline; filename=fa-solid-900.woff2
content-length: 76084
expires: Tue, 27 Dec 2022 22:36:15 GMT

GET
H2 200 fa-brands-400.woff2
www.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/ 74 KB
75 KB 124ms
124ms Font
font/woff2 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2
Requested by: Host: www.real.discount
URL: https://www.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Request headers

Referer: https://www.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Origin: https://www.real.discount
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-75936-2002659285"
vary: Cookie,User-Agent
content-type: font/woff2
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=172800
content-disposition: inline; filename=fa-brands-400.woff2
content-length: 75936
expires: Tue, 27 Dec 2022 22:36:15 GMT

GET
H2 200 init.js Show response
www.dwin2.com/ 12 KB
6 KB 8ms
7ms Script
text/javascript 2600:9000:214f:aa00:f:1dcc:7540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin2.com/init.js
Requested by: Host: www.dwin2.com
URL: https://www.dwin2.com/pub.330563.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b655385b724c776b0b84a694351efc631f390fb1346235886bb64ad433420cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
date: Sun, 25 Dec 2022 22:28:56 GMT
last-modified: Sun, 25 Dec 2022 21:26:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 439
etag: W/"6cf5ef23e4e8f4e302f466cc4d65b405"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=600
x-amz-cf-id: geeya0bF_57ogm9ByoslJ7U4z4K978XZMPeZ5zfny-xhDlxSx8YDLQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 45ms
45ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1679135371&t=pageview&_s=1&dl=https%3A%2F%2Fwww.real.discount%2F&ul=en-us&de=UTF-8&dt=Free%20Udemy%20Online%20Courses%20and%20Udemy%20Free%20Courses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=206493341&gjid=1227054146&cid=96234171.1672007776&tid=UA-9827766-8&_gid=608814626.1672007776&_r=1&gtm=2oubu0&z=1531259093

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.real.discount/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 22:36:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.real.discount
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 105ms
105ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8859084410354944&plah=www.real.discount&bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ba3dedda792b083a1d5128217234399d66868a8e92d35865b8684ba3b382818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120017
x-xss-protection: 0
server: cafe
etag: 7264261464139212156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 22:36:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 87C1 10 KB
5 KB 129ms
36ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.real.discount/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 17:24:04 GMT
etag: 10353107486223812946
expires: Sun, 08 Jan 2023 17:24:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 71ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-9827766-8&cid=96234171.1672007776&jid=206493341&gjid=1227054146&_gid=608814626.1672007776&_u=YEBAAUAAAAAAACAAI~&z=1181460229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.real.discount/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Dec 2022 22:36:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.real.discount
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 128ms
46ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9827766-8&cid=96234171.1672007776&jid=206493341&_u=YEBAAUAAAAAAACAAI~&z=658716496

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 22:36:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 143ms
48ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9827766-8&cid=96234171.1672007776&jid=206493341&_u=YEBAAUAAAAAAACAAI~&z=658716496

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 22:36:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
699 B 130ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.real.discount&callback=_gfp_s_&client=ca-pub-8859084410354944&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8859084410354944&plah=www.real.discount&bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1de39b6863d3c2e4d75a7c1b5a00e27c3175f11276b3b2b0efc8f6af3df05e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 164ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.real.discount

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 144ms
45ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.real.discount

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45A8 9 KB
975 B 197ms
124ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&adk=1812271804&adf=3025194257&lmt=1672007775&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.real.discount%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775596&bpp=3&bdt=415&idt=251&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2392261489961&frm=20&pv=2&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b25c3ca5099e58e7f707f749ab79a7e298310fe8ae841a238a847f040e130532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.real.discount/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 952
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 22:36:16 GMT
expires: Sun, 25 Dec 2022 22:36:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E76 85 KB
30 KB 1388ms
1323ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff13babc6ae58798670ad27d8aaa7b5f83736925b788bc25b480e78fef5c95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.real.discount/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 22:36:17 GMT
expires: Sun, 25 Dec 2022 22:36:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F79 110 KB
41 KB 984ms
925ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1454042446&adf=810568957&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775600&bpp=1&bdt=418&idt=282&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uo6ei1dOXC&p=https%3A//www.real.discount&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c515c98519d53326837ab7a4c77b082d1b3a266afcdb66fc1a9f84de083aee5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzDsazqlfwCFRTM1Qod6KMOzA&gqi=X9CoY-G4OtSszAb8lqHADw&layout=/sadbundle/%24csp%253Der3%24/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.real.discount/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41516
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzDsazqlfwCFRTM1Qod6KMOzA&gqi=X9CoY-G4OtSszAb8lqHADw&layout=/sadbundle/%24csp%253Der3%24/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 22:36:16 GMT
expires: Sun, 25 Dec 2022 22:36:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 970x250_GlobalLCYSEC.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/ Frame 4EE4 145 KB
28 KB 166ms
48ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1454042446&adf=810568957&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775600&bpp=1&bdt=418&idt=282&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uo6ei1dOXC&p=https%3A//www.real.discount&dtd=284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781ff5b868a054caab96a802bf51a1e7c1eee3dc6711b0c625ff98e64bc29d34

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 148819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27364
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Dec 2022 05:15:58 GMT
expires: Sun, 24 Dec 2023 05:15:58 GMT
last-modified: Wed, 31 Aug 2022 04:52:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2F79 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxi4wX9CoY6yYO5SY1wbox7rgDNPMkIhu2a6o3MQQypyKjNcdEAEg-s-2M2CV4pCCoAegAercgNECyAEJqQLNj3uIMY2mPqgDAcgDSKoE0QFP0GtwUZWFro-V9X5v2to9T6UxCo_r85kRcKFWYsGJb5ifTpczZnEYrv2sFXRuWmEgbfL13u7q0jFQ3NfJ6o6tdRpBhVCxkP-da3-xlmnQmKsIo3-5huGYVYqqnUX49oMaE7DN096a2F5VvT580ov17AzsvsQwzIZ1LS2KzMmRgUHqiOKgqMp_Sz2cqmDJC-xw4EaaAVXgSWtXydJF18-w5tCmQwBTeKJL33ioS6vaiwbBKMO63YjLuccphq9n0H-GQUeutrGRljhxLUz_NF5GrsAEu_O7rakDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxZ9y0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODg1OTA4NDQxMDM1NDk0NBgA&sigh=VLyWr5PDx9M&uach_m=[UACH]&cid=CAQSGwDq26N9sU00s1zb1dxN0-Jg1PFqgU9LExNi7xgBIBM&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1454042446&adf=810568957&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775600&bpp=1&bdt=418&idt=282&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uo6ei1dOXC&p=https%3A//www.real.discount&dtd=284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Dec 2022 22:36:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Dec 2022 22:36:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2F79 23 KB
10 KB 152ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 12:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 12:33:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2F79 3 KB
1 KB 162ms
47ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 17:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 17:14:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2F79 18 KB
7 KB 156ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 12:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 12:33:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F79 153 KB
47 KB 161ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 22:36:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A519 143 B
166 B 37ms
36ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1454042446&adf=810568957&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775600&bpp=1&bdt=418&idt=282&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x280&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uo6ei1dOXC&p=https%3A//www.real.discount&dtd=284
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 21:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2F79 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a52e2175522bfdced9cb3c5c6fc7e89d63c4c0ac1c997b57e15769d27c9bb1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4EE4 6 KB
3 KB 133ms
55ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 18:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Dec 2022 18:58:17 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4EE4 34 KB
13 KB 135ms
57ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Dec 2022 09:40:58 GMT

GET
H3 200 createjs.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/libs/1.0.0/ Frame 4EE4 236 KB
63 KB 118ms
40ms Script
application/x-javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/libs/1.0.0/createjs.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/970x250_GlobalLCYSEC.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 16:29:29 GMT
age: 194808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64184
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 04:52:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Dec 2023 16:29:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A519
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 22:36:17 GMT
expires: Sun, 25 Dec 2022 22:36:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 22:36:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4E76 6 KB
1 KB 124ms
44ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Dec 2022 22:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 22:06:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Dec 2022 22:36:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4E76 2 KB
765 B 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 12:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 12:33:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4E76 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce20iX9CoY9y1O8bJxwKogZnYCNuiwe9t68a8iO0QkOr_25Y4EAEg-s-2M2CV4pCCoAegAaCBs8MDyAEJqQJsf92vI9CxPqgDAcgDywSqBNQBT9CjWCuCQ7L4UWmfJppMDYdVmSYRxPe7dA55Adx_h8VnjkgUpzTPOvLHhLM9Wp16Q-lVk2BB8Hrvdn4yJtmZvAQ3LIxD9fTl_hI1Y0mfQKcIIKaQb3MieHAHackK0mKOALTkql2ZgYif5eY6Djmpt2aOV_rR_kI50j3x4qLsBzrSnM1698aEnwtmgKUraqFfhoJKDoGRdGHmqoydDx_4hcXU4Xyfd2QPUWNdMSlftDXWCqzB5kt49QkC_T9lXfoiOwyZ6T_MiOF82SW1UIa2SYN2wq3ABJj8rfKiBJIFBAgEGAGSBQQIBRgEoAYugAeDmZk9qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5L5e0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTg4NTkwODQ0MTAzNTQ5NDQYAA&sigh=Ts_9tSvKh4k&uach_m=[UACH]&cid=CAQSGwDq26N97wQ6-AJ0YsAMM1Z3yfy0jOZCOql69RgBIBM&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Dec 2022 22:36:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/5769986395390521179/ Frame 4E76 13 KB
13 KB 38ms
38ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5769986395390521179/2728354180183721846?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72d212c9daf1e07f9577384267216c6a4837fd2638910e1ffbef33770cb453a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 08:12:39 GMT
x-content-type-options: nosniff
age: 570218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13313
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 09:49:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 08:12:39 GMT

GET
H3 200 18393975102928529220
tpc.googlesyndication.com/simgad/ Frame 4E76 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18393975102928529220?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9afa55fee4802c35d7c641f8b05c4595a05c353d3ec77b4565edd166a07cd429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 08:02:41 GMT
x-content-type-options: nosniff
age: 138816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2306
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 09:03:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Dec 2023 08:02:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4E76 23 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 12:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 12:33:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4E76 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 17:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 17:14:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4E76 18 KB
7 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 12:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 12:33:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E76 153 KB
47 KB 132ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 22:36:17 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 4E76 34 KB
15 KB 166ms
48ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 01:18:41 GMT

GET
H3 200 _970f.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/images/ Frame 4EE4 24 KB
24 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/images/_970f.jpg?1661349724627

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6d0828f68dd0f1920c9c338b9099734d8914fe63e32d49eb7ebe4f9afa76a51

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 23 Dec 2022 11:49:04 GMT
x-content-type-options: nosniff
age: 211633
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24641
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 04:52:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Dec 2023 11:49:04 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EE4 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 19:50:34 GMT

GET
H3 200 cell.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/images/ Frame 4EE4 23 KB
23 KB 39ms
39ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14258223670084956824/970x250_GlobalL_CYSEC/images/cell.png?1661349724627

Requested by

Host: www.real.discount
URL: https://www.real.discount/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59094b0955b75f5bae3b14c759319753aef58b7cd44f1c13c4fd5fa33b43f219

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 23 Dec 2022 10:27:11 GMT
x-content-type-options: nosniff
age: 216546
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23906
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 04:52:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Dec 2023 10:27:11 GMT

GET
DATA 200
OK truncated
/ Frame 4E76 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed32f4c0c736fb80820fc3beb1e8ea1e53ee868fa0f00aa8a17e44c61d2ab06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E76 15 KB
15 KB 156ms
76ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 180837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:22:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E76 15 KB
16 KB 115ms
36ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 235608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E76 15 KB
15 KB 123ms
45ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 206484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 13:14:53 GMT

GET
H2 200 / Show response
www.real.discount/api-web/all-courses/ 12 KB
12 KB 185ms
184ms XHR
application/json 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/api-web/all-courses/?store=Udemy&page=1&per_page=10&orderby=undefined&free=0&search=&language=
Requested by: Host: www.real.discount
URL: https://www.real.discount/gen/main.js?0ceec9a7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 0b8fc2c2998438c67b3b8b5fa6fc3c52e62d78c788bd40429280f2193cbbc07c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.real.discount/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:17 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
vary: Cookie,User-Agent
content-type: application/json
status: 200 OK
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000
content-length: 12279
expires: Mon, 25 Dec 2023 22:36:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 188ms
93ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

128a00acebdee1e492b49b7f8301ba5e20f0e73178fc942931221dd78af6a548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11009
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EE8 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=1557140693&adf=2541003214&pi=t.ma~as.2787297283&w=1080&fwrn=4&fwrnh=100&lmt=1672007775&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.real.discount%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672007775599&bpp=1&bdt=418&idt=275&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2392261489961&frm=20&pv=1&ga_vid=96234171.1672007776&ga_sid=1672007776&ga_hid=1679135371&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531847%2C31071220%2C44777948%2C44780792&oid=2&pvsid=2822467818516514&tmod=1822662240&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aCoAEvEWu6&p=https%3A//www.real.discount&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 19:50:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 22:36:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E10F 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.real.discount/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 19:52:02 GMT
expires: Mon, 25 Dec 2023 19:52:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 661C 783 B
533 B 45ms
45ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ea40af714274e33a07b7b632e5f780287686c1a900ac199fb4d84f359b9768e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EuLiwllcqOr_VoE-850veQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.real.discount/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-EuLiwllcqOr_VoE-850veQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 22:36:17 GMT
expires: Sun, 25 Dec 2022 22:36:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sponsored.png
www.real.discount/img/ 7 KB
8 KB 110ms
108ms Image
image/png 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.real.discount/img/sponsored.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: fbab50e320ae676c1f8f73a014a291984cd2c0c4f624e5fa871683aeee86011f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:17 GMT
last-modified: Sun, 25 Jul 2021 00:28:24 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1627172904.0-7519-2266830395"
vary: Cookie,User-Agent
content-type: image/png
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=sponsored.png
content-length: 7519
expires: Tue, 24 Jan 2023 22:36:17 GMT

GET
H2 200 5041578_ae42.jpg
img-c.udemycdn.com/course/750x422/ 49 KB
49 KB 27ms
25ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/5041578_ae42.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e9ed986d44788e53629f322fb3c8009ac74876f2517038a0af344b62cb4f704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 21:58:06 GMT
x-amz-version-id: NXW5tzyWPG3tfSTXFYPY7CF3DNIgLC2n
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 50122
last-modified: Sun, 25 Dec 2022 21:49:23 GMT
server: AmazonS3
etag: "762d5d544d7ff42ccc2fc7c5dc54e2a6"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: A_9hB9EYmeZeH88O67AhaTSJ158GUQUNwgJAJxKSW3txP8hMOkFk_A==

GET
H2 200 5029590_164c_3.jpg
img-b.udemycdn.com/course/750x422/ 87 KB
88 KB 9ms
7ms Image
image/jpeg 2a02:6ea0:c700::15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-b.udemycdn.com/course/750x422/5029590_164c_3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e288b0deef85b4cc9e65aa1f270d63357736555eabdb15fd91a99dc6b9b0d7a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Dec 2022 22:36:17 GMT
x-amz-version-id: iEItynyuD4IF8XTBhZv4fN9TtdTG9gNN
x-age-lb: 287397
x-cdn: cdn77
x-amz-request-id: 7ASPXEXVYQV15QMH
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-amz-replication-status: COMPLETED
alt-svc: quic="156.146.33.7:443"; ma=2592000; v="44,43,39"
content-length: 89196
x-amz-id-2: 9qoS5OoMlHlJtPybstTuSLdc93AVs/q9G4W2EcYK6vbrQJErIzt0La8HRBF6SWfmDCZh1/sr/xQ=
x-77-nzt: ApySIQev3eH/pWIEAFQRPUdjGLX/pQwAAA
x-accel-expires: @1987077143
x-cache-lb: HIT
last-modified: Tue, 20 Dec 2022 11:45:56 GMT
server: CDN77-Turbo
etag: "cdfd2a51847379b1b3197c82b8ed91e3"
x-77-nzt-ray: 298deb221ea63a9e61d0a863a7ab1c31
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes

GET
H2 200 4846592_1123_3.jpg
img-b.udemycdn.com/course/750x422/ 46 KB
47 KB 18ms
16ms Image
image/jpeg 2a02:6ea0:c700::15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-b.udemycdn.com/course/750x422/4846592_1123_3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2809243489c3cd57106ed5e191fd8914eadffde1c3c1923e1a6370751c616369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Dec 2022 22:36:17 GMT
x-amz-version-id: 5R4Gs53VD3tesrUNfjGeWrtZqjnjvxe7
x-age-lb: 8410119
x-cdn: cdn77
x-amz-request-id: JZJXWZ6SMKTGK50C
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-amz-replication-status: COMPLETED
alt-svc: quic="156.146.33.7:443"; ma=2592000; v="44,43,39"
content-length: 46989
x-amz-id-2: 53KCaqgO348gb+vmV+S1RHBaFh6cLX6mR035MaUfZHun57jfUEu/BhgSvEHrBqswydX37gt3yAc=
x-77-nzt: ApySIQdIcJH/B1SAAFQRPUTAbAD/T1YAAA
x-accel-expires: @1978935563
x-cache-lb: HIT
last-modified: Mon, 19 Sep 2022 07:56:46 GMT
server: CDN77-Turbo
etag: "2ac59883f5e19defcbfb29a4ba0c2d22"
x-77-nzt-ray: 298deb221ea63a9e61d0a863a52f2631
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes

GET
H2 200 5041490_93be.jpg
img-c.udemycdn.com/course/750x422/ 95 KB
96 KB 10ms
8ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/5041490_93be.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9114d961fb1e6f5107547e63ef28bd7f67e91a0df7abc304d151af36b577fc3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 19:50:25 GMT
x-amz-version-id: pXRROnMCb4CPyI0RPZDnI1lsN7sTGSzw
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 9953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 97575
last-modified: Sun, 25 Dec 2022 19:40:58 GMT
server: AmazonS3
etag: "1e58a117d53ce7368846505b2fdf8977"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 0_Lf4op9gfVeliQJxNZcGV83v832oAhtmQ_IM_ij9cI35WT0jv0t1A==

GET
H2 200 4567644_bc79_4.jpg
img-c.udemycdn.com/course/750x422/ 35 KB
35 KB 17ms
16ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/4567644_bc79_4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16fc761226caa14b391c0ee9915332f6965aaf3c32523e1327728ab81afbae1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:29:41 GMT
x-amz-version-id: avLDi1QOPbjBZTrGUDZOIfPyA0kFwwns
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2444797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35425
last-modified: Wed, 11 May 2022 16:46:19 GMT
server: AmazonS3
etag: "be1e413d567a6fb552443efcba76cbc3"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 1wDUDaphcH6y_PFemgHgZwBDd9m6cvYAn6t51uwrmQQdLyJUBoycjg==

GET
H2 200 4937682_1619_3.jpg
img-b.udemycdn.com/course/750x422/ 42 KB
43 KB 19ms
18ms Image
image/jpeg 2a02:6ea0:c700::15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-b.udemycdn.com/course/750x422/4937682_1619_3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: aa51eab764b883ee0f0e0dfb94ad023001e785fefdf2513b8a36c76742b751f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Dec 2022 22:36:17 GMT
x-amz-version-id: DMtELkH0e0_qFClT.tjqfv.6P0FH3RCc
x-age-lb: 1891243
x-cdn: cdn77
x-amz-request-id: PMHBYS01JNWG47QT
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-amz-replication-status: PENDING
alt-svc: quic="156.146.33.7:443"; ma=2592000; v="44,43,39"
content-length: 43004
x-amz-id-2: S8185ylPilLFRwz3yHY8e8dXbadiqZWpCAyRQgPwDX9C2Bw01AkiMsIP/i7BGvqrFd5+va/ArGQ=
x-77-nzt: ApySIQclnEz/q9scAFQRPURHJFb/u9QSAA
x-accel-expires: @1984242427
x-cache-lb: HIT
last-modified: Sat, 19 Nov 2022 18:25:34 GMT
server: CDN77-Turbo
etag: "96522d6199bcb3f39056d7fce27fdca9"
x-77-nzt-ray: 298deb221ea63a9e61d0a8632df32831
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes

GET
H2 200 5023744_0b54.jpg
img-c.udemycdn.com/course/750x422/ 37 KB
37 KB 19ms
17ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/5023744_0b54.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 377d1965ee80e707b0c2547a4009790b6bb09fc810663bc282b323357f4ef129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 13:27:13 GMT
x-amz-version-id: Uu_BaUml5WfbFVD65_MQxN6IKq9Rb88F
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 119345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 37653
last-modified: Wed, 14 Dec 2022 02:26:35 GMT
server: AmazonS3
etag: "5f48fd9dd49f826643e416e15f46920e"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Tdqlax1_OuLeV4ssAfgwhkQ1qikgdyKtsI6igVZ7Ezf96dbAYI8ofw==

GET
H2 200 4985872_a17a.jpg
img-c.udemycdn.com/course/750x422/ 43 KB
44 KB 19ms
17ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/4985872_a17a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34c380bb193a456d8702690382df18e40603f185d250ebc169854e91241d118f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 21:14:22 GMT
x-amz-version-id: HLn_aBwtqhD56ORGh5RU2PiFrdJ1hqNz
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3115316
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 44268
last-modified: Sat, 19 Nov 2022 21:07:23 GMT
server: AmazonS3
etag: "c127bb128622a6f263ce0854cc25c2f7"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: IF5YD-DXrm2Ktvf16JRD68S-IEll3vYC7L7UozVgxONpWUF4ZJhWsg==

GET
H2 200 udemy.png
www.real.discount/img/ 18 KB
19 KB 110ms
109ms Image
image/png 67.205.60.228
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.real.discount/img/udemy.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.60.228 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps22003.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: ab0e931a95e8823c7c0c762191caad35a92a25f25976652387963e7dce6d0273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:17 GMT
last-modified: Tue, 13 Sep 2022 16:44:32 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1663087472.0-18857-792794242"
vary: Cookie,User-Agent
content-type: image/png
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache, max-age=31536000, max-age=2592000
content-disposition: inline; filename=udemy.png
content-length: 18857
expires: Tue, 24 Jan 2023 22:36:17 GMT

GET
H2 200 4119064_4978_9.jpg
img-b.udemycdn.com/course/750x422/ 107 KB
108 KB 19ms
18ms Image
image/jpeg 2a02:6ea0:c700::15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-b.udemycdn.com/course/750x422/4119064_4978_9.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 719b9baeba0421a1c80167c0a412d059a92900fe38f7f6e9a9a154b5f13fddc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Dec 2022 22:36:17 GMT
x-amz-version-id: vqirwXQS2.b_RkHlRqTinWWUXDEd8xa2
x-age-lb: 1469289
x-cdn: cdn77
x-amz-request-id: 8TXWQVFCFZMGE7V1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-amz-replication-status: COMPLETED
alt-svc: quic="156.146.33.7:443"; ma=2592000; v="44,43,39"
content-length: 109712
x-amz-id-2: EMDoJe2XZoO//rpWFtlIZCie8+9faSqxeKztSXH2Hi0X0B1aGlNZtDvN/E39c8crg6S6LhEGl90=
x-77-nzt: ApySIQeVCY7/aWsWAFQRPUECufT/YTIAAA
x-accel-expires: @1985885591
x-cache-lb: HIT
last-modified: Thu, 08 Dec 2022 18:17:56 GMT
server: CDN77-Turbo
etag: "40a06650647bf30ea43092bcfe352c67"
x-77-nzt-ray: 298deb221ea63a9e61d0a8630be92b31
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes

GET
H2 200 4695372_a449_2.jpg
img-c.udemycdn.com/course/750x422/ 70 KB
70 KB 21ms
20ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/4695372_a449_2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c8f910c5a4a4c14b8e5fff171341043abc227cb4ba7680ab4570dec83477100

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 11:30:58 GMT
x-amz-version-id: 9dztlogpCasVejLVhyBo_xv_PN38cG32
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 299120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 71364
last-modified: Tue, 24 May 2022 03:53:23 GMT
server: AmazonS3
etag: "6fed6a118ed7251b9960b4bd5e67bb19"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: KwwM1AGS15jueobt3tEKTKUf8B5Ep6SAGx6jpaqu3N_WtK9VD7jLig==

GET
H2 200 4645874_991c_4.jpg
img-c.udemycdn.com/course/750x422/ 64 KB
65 KB 21ms
20ms Image
image/jpeg 2600:9000:2491:a800:15:d7e1:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-c.udemycdn.com/course/750x422/4645874_991c_4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a800:15:d7e1:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 526622079cf4f83beb461a54204302169f7bf709a21ac81023c3303522fe7025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 20:08:25 GMT
x-amz-version-id: KNVcSGV_WmugHGgA0vzYEQM7lcVC_CwN
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 95273
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65968
last-modified: Thu, 21 Apr 2022 13:30:16 GMT
server: AmazonS3
etag: "45705e0bc1a91154f45d9ff81cd18f91"
vary: Origin
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: fqE9n80fB7i_maMFP9F6UFjOYgn63dQIPwPl3Q9p5ajqDWxX_JL1gw==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 661C 0
0 80ms
80ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2822467818516514&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E10F 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 19:50:34 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E10F 0
12 B 38ms
38ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1NDusA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:36:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E76 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvT-yyC_4d4M0PV2VBwsMakpODjOpn2hTyRI2VCqHCVwFxF71O5MoS_6Eb3UQU38ub1jPZM8D_dWP7IocXRlJajUerz1ef-3VLf4tc1K9y6VSEq4HAUl9z41trPAhYoXa1fjxEgRw&sai=AMfl-YTwIIzXr0hAdD35rqinA08LEaLs0vADj-b_B-F1eT9qGo7bzplUxjy5-KIopIG002NXNR7Df8otKpYh1SI&sig=Cg0ArKJSzFgkY0xUv4aEEAE&cid=CAQSGwDq26N97wQ6-AJ0YsAMM1Z3yfy0jOZCOql69RgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1080&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1557140693&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672007775880&rpt=1623&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 22:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
82ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2822467818516514&bg=!YmGlYSXNAAYgquz3AKo7ACkAdvg8WnzXyLxuCWw67jEmJbKGLzgcHpk0PkAoQb0SDl6nvRRge9a2wQIAAABeUgAAAAJoAQcKAKgd1MoXmXF1nyhIS1ZrljvBcnt1s_x9qAo6pWTqzDyagmS11iIOkBNqsKGxUPtaICh6kim3hTbghlGXjEVhRpP0hdEp7-eU-3WGQKvPqPrQqQOj2EHE-GepgbPJvMHQ5E4Ewt228QYO3ZQTf2yf2Oo1ur3x3no0OjtMX0zxXS-VW75e5TY9mrbQAKkC0B-xC07R76GQHlOcwz6JXNTsp3HNDg07wSbqLw2ZAtXXAQHsaAA6VBD4XDq2HLza9oYlQx5w_NP71L2jIQBhZnH5VAH-OFni3-kRR186zhV9crk6F1-UuROn8YYcxsnfbWcJ-5IG0GpmHsp5Es8ozXv5V-77mHxubRkh-hg-pmbOgv6MOAHkmYm7olLBX1EfHg9wHsFrfGbS303eZCIXJMULIdPex9cG2fCyzydHFrDiAurgYsITqQSNylBGycEuKCt40snbZ_Yd6mJPtj_fNpIrjG6BgURq7zRNgxzjB6pbfBQR4OoB4WXZEll9U7L6wsk1AEdKD0TK3k1G7kVkzFDaejNLujRHtpDwxITNtu9a-waIqPi9EGUD_RafYC9HH9cw0qrZ0sdVobNsi__AbXQKBKGe2Dv4VrnD4xT7S-bk9Ju_8SGwIxVLi-SoOZ9L_ipJWkIz_0sX7RljCOIIAMxOPJynRK9XMIVVMtlEyJxC5sI28Deqjjk0cT6FXepFlzP-s2dFPJTcU612G4W87tmubQJBNYL476YCFs7gKuplIjqMRSydUximd7OdJW1M0vxZbXB7DIPbXxMeNGpBn0y-Aqv94zvKCbS-I63GLxzyMzpglpSBg8Psnpt3KHjtfZL2aO-Y_dEOXcC3BtIsDwuqYCpKvDXZDZzv1nmaDGv5GzB_wwfavE132CcczV5LgOW2ay6nSMKcUEL2GidkIZAPcvrB2K-jfW6Be_qDdKa71d8B-kfS_7cE0fIUyRN45-lbiRuyGsXy2ZUEWix-q65X75pdJrksGAK75EeF8UU48u4HLk3w0z5_hQJZiYq5bi3N-8dBN7hw1t1_e3aLUVy_KCJt5gqLhz5Ht7LPyN908fSl8g2ycl5bs-07MwiLHfFbHA8diMk1zQgSAQgjiy3DTxgh7Y7X1S8UCZmxxii6cz04vGBUMrQSQtEqjlei6kLW6_n0BZOi3ghTz11GJyFriUVBqS0tUSOtl_p7ITBakvaC2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.real.discount/	1969-12-31 23:59:59	Name: sidenav-state Value: pinned
.real.discount/	1970-01-20 18:02:47	Name: _ga Value: GA1.2.96234171.1672007776
.real.discount/	1970-01-20 08:28:14	Name: _gid Value: GA1.2.608814626.1672007776
.real.discount/	1970-01-20 08:26:47	Name: _gat_gtag_UA_9827766_8 Value: 1
.real.discount/	1970-01-20 17:48:23	Name: __gads Value: ID=79b2081811fea847-229a8fc363da0006:T=1672007775:RT=1672007775:S=ALNI_MZSqXnfVU71-7-Lkc59dz_7FvOHIg
.real.discount/	1970-01-20 17:48:23	Name: __gpi Value: UID=00000b9843f160ce:T=1672007775:RT=1672007775:S=ALNI_MamyGxtYv3nZe1OwicfUF5j_i-k3A
.doubleclick.net/	1970-01-20 17:48:23	Name: IDE Value: AHWqTUlEkZyUb5iMvC5lCguJQcX25zl_ve_1P2RvMJkdtV1z4hoeBkC0L24icxuilJE
.doubleclick.net/	1970-01-20 08:26:48	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:26:51	Name: DSID Value: NO_DATA
www.real.discount/	1970-01-20 08:26:51	Name: session Value: eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiYmNhYWZiMjdhODBiYzZjNDVhYjY1Njc5OWQzYzA3MWY1OTAzYWRkYiJ9.Y6jQYQ.CcD7TNAdZL3RkcyGS57_JDzytsg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img-b.udemycdn.com
img-c.udemycdn.com
ocw.mit.edu
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.dwin2.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.real.discount
151.101.66.133
2600:9000:214f:aa00:f:1dcc:7540:93a1
2600:9000:2491:a800:15:d7e1:d6c0:93a1
2606:4700::6811:190e
2a00:1450:4001:802::2001
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c0a::9d
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a02:6ea0:c700::15
67.205.60.228
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
0b8fc2c2998438c67b3b8b5fa6fc3c52e62d78c788bd40429280f2193cbbc07c
0e5af6a6429718f411d5d737ba6a49aa28cdfc1a147b0e4ad1473bfd56da9d5e
128a00acebdee1e492b49b7f8301ba5e20f0e73178fc942931221dd78af6a548
15c18b5ce26b80a9d520ce1490a78bdc3610edcfb4045f6455cd3668666bd6bd
16fc761226caa14b391c0ee9915332f6965aaf3c32523e1327728ab81afbae1e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1de39b6863d3c2e4d75a7c1b5a00e27c3175f11276b3b2b0efc8f6af3df05e9c
1ea40af714274e33a07b7b632e5f780287686c1a900ac199fb4d84f359b9768e
2809243489c3cd57106ed5e191fd8914eadffde1c3c1923e1a6370751c616369
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34c380bb193a456d8702690382df18e40603f185d250ebc169854e91241d118f
377d1965ee80e707b0c2547a4009790b6bb09fc810663bc282b323357f4ef129
38134ab16b1b99961e50a1151e63e4ba1ef154bab64873fce165aec3c6cad534
3b655385b724c776b0b84a694351efc631f390fb1346235886bb64ad433420cd
3ba3dedda792b083a1d5128217234399d66868a8e92d35865b8684ba3b382818
3fb92b091122dda7f7e179fecf5e812217f0182f1af17ac78230fbce9dda67a8
42a88e962a026cbe6bbd617d152ab9c801de9bbee261b18eb8b3c1e60780b643
430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847
48d2a6f8f1898f1fdbe0e52cf7ee6c8b72b06dec9721f2891f1cee8d745a9913
49cdfd567154324c58df00ff2758ae96af314723dbc375bff880c39ce580f411
4c515c98519d53326837ab7a4c77b082d1b3a266afcdb66fc1a9f84de083aee5
4ed32f4c0c736fb80820fc3beb1e8ea1e53ee868fa0f00aa8a17e44c61d2ab06
526622079cf4f83beb461a54204302169f7bf709a21ac81023c3303522fe7025
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59094b0955b75f5bae3b14c759319753aef58b7cd44f1c13c4fd5fa33b43f219
5a52e2175522bfdced9cb3c5c6fc7e89d63c4c0ac1c997b57e15769d27c9bb1f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
719b9baeba0421a1c80167c0a412d059a92900fe38f7f6e9a9a154b5f13fddc3
72d212c9daf1e07f9577384267216c6a4837fd2638910e1ffbef33770cb453a5
76574e52eeadeaa07fdeaa9d45d8ed311b9ccf842704d74d0ead21562e0ca33a
781ff5b868a054caab96a802bf51a1e7c1eee3dc6711b0c625ff98e64bc29d34
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
846a80650ca060100958569535536c6b291c8dac7f9bc7cc61779e49cf5534bc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
89a4ade39b2dc6e0cd828fd6e7bdcac9b81921f24de732d9bc51e3c7e12533a8
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
8e9ed986d44788e53629f322fb3c8009ac74876f2517038a0af344b62cb4f704
9114d961fb1e6f5107547e63ef28bd7f67e91a0df7abc304d151af36b577fc3f
9afa55fee4802c35d7c641f8b05c4595a05c353d3ec77b4565edd166a07cd429
9c8f910c5a4a4c14b8e5fff171341043abc227cb4ba7680ab4570dec83477100
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9db4269d2963b6e861797020d82893c0b8b4da5dc8ee8082ab7461f3d437a15d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa51eab764b883ee0f0e0dfb94ad023001e785fefdf2513b8a36c76742b751f6
ab0e931a95e8823c7c0c762191caad35a92a25f25976652387963e7dce6d0273
aff13babc6ae58798670ad27d8aaa7b5f83736925b788bc25b480e78fef5c95a
b25c3ca5099e58e7f707f749ab79a7e298310fe8ae841a238a847f040e130532
b350c789ab57cc3a81c7812edf95ab7e3eabc732897cffacd3f0167b0ecccfde
b42c95562d5971fbfdada39a4723afa29ff7b811c00724d12f2ec16a01954d20
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc217b527f50063dbe93d94c7752a09c4201dc349ad5578ce5ec5377d4f0bcb1
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d6d0828f68dd0f1920c9c338b9099734d8914fe63e32d49eb7ebe4f9afa76a51
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e288b0deef85b4cc9e65aa1f270d63357736555eabdb15fd91a99dc6b9b0d7a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b9791f87983c0237b084e469c9e6d6897666d791b72aadc4186b018decd896
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbab50e320ae676c1f8f73a014a291984cd2c0c4f624e5fa871683aeee86011f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.real.discount Open in urlscan Pro 67.205.60.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

100 %HTTPS

91 %IPv6

15 Domains

22 Subdomains

23 IPs

4 Countries

2174 kBTransfer

4512 kBSize

10 Cookies

7 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.real.discount Open in urlscan Pro
67.205.60.228 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

100 %
HTTPS

91 %
IPv6

15
Domains

22
Subdomains

23
IPs

4
Countries

2174 kB
Transfer

4512 kB
Size

10
Cookies

85 HTTP transactions
2 data transactions