URL: https://www.entraratubio.sergemult.com/
Submission: On October 25 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 27 HTTP transactions. The main IP is 216.246.113.84, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is www.entraratubio.sergemult.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 10th 2021. Valid for: 3 months.
This is the only time www.entraratubio.sergemult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 216.246.113.84 23352 (SERVERCEN...)
4 151.101.12.193 54113 (FASTLY)
6 142.250.186.66 15169 (GOOGLE)
5 142.250.186.162 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
2 142.250.185.225 15169 (GOOGLE)
1 142.250.186.164 15169 (GOOGLE)
27 10
Domain Requested by
6 pagead2.googlesyndication.com www.entraratubio.sergemult.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 i.imgur.com www.entraratubio.sergemult.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.entraratubio.sergemult.com
0 widgets.amung.us Failed www.entraratubio.sergemult.com
0 richenginner.com Failed www.entraratubio.sergemult.com
0 ajax.googleapis.com Failed www.entraratubio.sergemult.com
0 datavisitas.queplaneas.com Failed www.entraratubio.sergemult.com
0 fonts.googleapis.com Failed www.entraratubio.sergemult.com
27 14

This site contains links to these domains. Also see Links.

Domain
www.mediafire.com
Subject Issuer Validity Valid
entraratubio.sergemult.com
cPanel, Inc. Certification Authority
2021-08-10 -
2021-11-08
3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA
2020-01-15 -
2022-03-16
2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.de
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.entraratubio.sergemult.com/
Frame ID: EB690993AA07D97026B68D8A4A34D6C4
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 753417D735B6063570AB41D9648E5084
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=2586775943&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786838&bpp=3&bdt=176&idt=97&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=8601889501071&frm=20&pv=2&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZFVg2b6Kg6&p=https%3A//www.entraratubio.sergemult.com&dtd=112
Frame ID: 74C9B92B02ABC616FDD2B54A2BE1F1FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=1142217882&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=130&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ELdOOLZ65T&p=https%3A//www.entraratubio.sergemult.com&dtd=132
Frame ID: 691D19F6C880D033370FCFADA25CD4B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=1929016449&adf=3613274319&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=133&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=1579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Oo7OdZfgqV&p=https%3A//www.entraratubio.sergemult.com&dtd=137
Frame ID: 0EBC54C47E45EC8F63E6A8B0CA0F1F29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&adk=1812271804&adf=3025194257&lmt=1635137786&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786852&bpp=1&bdt=190&idt=127&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&nras=1&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=132
Frame ID: 44CAE10EBD38F7958FD48AB641D590B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2D18D782FDF6EAC28C27C49CA6E6F922
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E2F9498F840954A68BC0634899A89F7
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Quien Visita Tu perfil 2015 - 2016

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

81 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

10
IPs

2
Countries

257 kB
Transfer

570 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.entraratubio.sergemult.com/
6 KB
6 KB
Document
General
Full URL
https://www.entraratubio.sergemult.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.246.113.84 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
Apache /
Resource Hash
276718b76c616a6d384dfb54d7790c94325ab2f4eefc7f68a8c299d785465a3f

Request headers

Host
www.entraratubio.sergemult.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 25 Oct 2021 04:56:25 GMT
Server
Apache
Content-Length
6324
Keep-Alive
timeout=10, max=500
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
n61cYnh.png
i.imgur.com/
28 KB
28 KB
Image
General
Full URL
https://i.imgur.com/n61cYnh.png
Requested by
Host: www.entraratubio.sergemult.com
URL: https://www.entraratubio.sergemult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
42eb96d485b5d70787f72466a8981ac034e9b9d93fcfdeae755f62848c1daffc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:26 GMT
x-content-type-options
nosniff
age
131336
x-cache
HIT, MISS
content-length
28489
x-served-by
cache-bwi5174-BWI, cache-fra19172-FRA
last-modified
Sun, 02 Aug 2015 18:10:06 GMT
server
cat factory 1.0
x-timer
S1635137787.708521,VS0,VE91
etag
"3d0d91c49b640a5aa8c7281498e936fd"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.entraratubio.sergemult.com
URL: https://www.entraratubio.sergemult.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d27845f3e4bb54a69d82440aeef5ed56efbd52dd27876d7548fe83a7bcc1a530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51393
x-xss-protection
0
server
cafe
etag
2637583637805332102
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Oct 2021 04:56:26 GMT
b9paThJ.png
i.imgur.com/
2 KB
2 KB
Image
General
Full URL
https://i.imgur.com/b9paThJ.png
Requested by
Host: www.entraratubio.sergemult.com
URL: https://www.entraratubio.sergemult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
007bc10d5908e9677ed2002d94aae88ff6655042c5fc579b554afd96677ad859
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:27 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS
content-length
2265
x-served-by
cache-bwi5171-BWI, cache-fra19172-FRA
last-modified
Sun, 02 Aug 2015 18:17:57 GMT
server
cat factory 1.0
x-timer
S1635137787.708666,VS0,VE405
etag
"34982e59716a7cc529dd205bcbc72144"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0
bFbvckt.gif
i.imgur.com/
23 KB
24 KB
Image
General
Full URL
https://i.imgur.com/bFbvckt.gif
Requested by
Host: www.entraratubio.sergemult.com
URL: https://www.entraratubio.sergemult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ddaea80aed6c667f8b0f5abad30b09b9f16f24d851e8c827b4d28451dadf7dd5
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:26 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS
content-length
23982
x-served-by
cache-bwi5127-BWI, cache-fra19172-FRA
last-modified
Sun, 02 Aug 2015 18:20:02 GMT
server
cat factory 1.0
x-timer
S1635137787.708685,VS0,VE140
etag
"07e6a90d2abab27c3fcdf24a763e7826"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0
nczl0WT.gif
i.imgur.com/
8 KB
8 KB
Image
General
Full URL
https://i.imgur.com/nczl0WT.gif
Requested by
Host: www.entraratubio.sergemult.com
URL: https://www.entraratubio.sergemult.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
166f35c6c4d1b7bee6ab1fd0f9f42349217c7643189f20b3dbdb43ba1b42e411
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:26 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS
content-length
7880
x-served-by
cache-bwi5160-BWI, cache-fra19172-FRA
last-modified
Sun, 02 Aug 2015 18:19:02 GMT
server
cat factory 1.0
x-timer
S1635137787.708726,VS0,VE127
etag
"df91ed56518a1ccf5f8efe15258f07b6"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0
css
fonts.googleapis.com/
0
0

style.css
datavisitas.queplaneas.com/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
0
0

service.php
richenginner.com/panel/
0
0

small.js
widgets.amung.us/
0
0

show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/
270 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Oct 2021 04:56:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 7534
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.entraratubio.sergemult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 24 Oct 2021 15:13:19 GMT
expires
Sun, 07 Nov 2021 15:13:19 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
49387
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cookie.js
partner.googleadservices.com/gampad/
203 B
609 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.entraratubio.sergemult.com&callback=_gfp_s_&client=ca-pub-4241359911645255
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
fefa76138e6b70fa5c7b1af5497cc6fd4012fa04233fcaa419ecc787a1b68ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
716 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.entraratubio.sergemult.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Oct 2021 04:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
520 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.entraratubio.sergemult.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Oct 2021 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 74C9
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=2586775943&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786838&bpp=3&bdt=176&idt=97&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=8601889501071&frm=20&pv=2&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZFVg2b6Kg6&p=https%3A//www.entraratubio.sergemult.com&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=2586775943&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786838&bpp=3&bdt=176&idt=97&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=8601889501071&frm=20&pv=2&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZFVg2b6Kg6&p=https%3A//www.entraratubio.sergemult.com&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.entraratubio.sergemult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 25 Oct 2021 04:56:27 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-Oct-2021 05:11:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame 691D
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=1142217882&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=130&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ELdOOLZ65T&p=https%3A//www.entraratubio.sergemult.com&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=1142217882&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=130&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ELdOOLZ65T&p=https%3A//www.entraratubio.sergemult.com&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.entraratubio.sergemult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 25 Oct 2021 04:56:27 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-Oct-2021 05:11:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame 0EBC
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=1929016449&adf=3613274319&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=133&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=1579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Oo7OdZfgqV&p=https%3A//www.entraratubio.sergemult.com&dtd=137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=1929016449&adf=3613274319&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=133&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=1579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Oo7OdZfgqV&p=https%3A//www.entraratubio.sergemult.com&dtd=137
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.entraratubio.sergemult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 25 Oct 2021 04:56:27 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-Oct-2021 05:11:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame 44CA
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&adk=1812271804&adf=3025194257&lmt=1635137786&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786852&bpp=1&bdt=190&idt=127&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&nras=1&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4241359911645255&output=html&adk=1812271804&adf=3025194257&lmt=1635137786&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786852&bpp=1&bdt=190&idt=127&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&nras=1&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.entraratubio.sergemult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 25 Oct 2021 04:56:27 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-Oct-2021 05:11:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 25 Oct 2021 04:56:27 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c00133dae54a55513840938fa93b26b62e6e9fcb4541c54253837d20dbe5c7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Oct 2021 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8586
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4241359911645255&plah=www.entraratubio.sergemult.com&bust=31063253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 25 Oct 2021 04:56:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2D18
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.entraratubio.sergemult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 24 Oct 2021 22:15:41 GMT
expires
Mon, 24 Oct 2022 22:15:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 6E2F
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
97b915fd7b93d1ebc2c2b7e7ff7e1e46e4a50284177b2e663d4e18c073a7143f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Owi5oZchXoL2NGVjDRHTTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.entraratubio.sergemult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 25 Oct 2021 04:56:27 GMT
date
Mon, 25 Oct 2021 04:56:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Owi5oZchXoL2NGVjDRHTTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js
pagead2.googlesyndication.com/bg/ Frame 2D18
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 21:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
27226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13263
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 24 Oct 2022 21:22:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E2F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=4310368599922563&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=4310368599922563&bg=!cnGlcTXNAAbUs_yW1LM7ACkAdvg8WgmA60m2WXExal1Okb1bXBoGfej_ARhTG6ItHYEJHSA2N7IOLgIAAABTUgAAAAtoAQeZAsTINHMvpXz753K4-xvvTCyUh7_GyBBBTnnNd7CjhIwu0A8WSvc1shqUTQG75-3MY0rzeGy806rnOY6fTHTJgKIzHRBZ3UKw3KlVigbHHhy4G_LzxpG88Wu0Ok3I7pNF3VBOCiDKJIAncHiC2mqxmGTJsP-Qxjt5TlZiv_ekMjhuVi0gQ9cw3dMUmKCiBKfxAxBMr6116kVPBhyjcodiSP7OuVkQuUHpsAup8vzaozYFPPx2Zfwyl9PXiZi3kwp_Khcj02gtJt9H8HggHIhD3W_pP_m61C4Z9Qc36s_qoR91ve-sm1N84lk1H9YiPr2ubzyaEP9q_h0oR0yJ7p5K9fvPNnb1VwV4lmvuaY6LNjCNTjbtHChAA874k-WHe-_Qny6Lla5_lF5sNKLl2nWGJAS0VKNfRx1diSiVN6GQvNM-fC9O4E8z-IpcpXTCJh_WFQ91f5EEt4_28pVpB7V-Kd2FCw34OuTlj_vODs3gAHQKbLsId55EyZu6BIRxvcTplXHKNr3Ezv_QS_lB_MeY_IZbqW0pC6bGNq1oakJKuAApVIYARACgX0MjfQ1PXEIhf3UpNGGaNPlFSSrc_kDyiFjapSyaUlD8gmmGFfhNYmvxFBUFg-z9fFRkoJH-eceh4GlIc5zgMttzePy97QcwNBVSeeWvw6Kad6ttWGbXrbUzhZnvXGaAnSKhmlLaVmAZGJTeEcQm-MuMxdYTP7XyWir_Xj6-StVYj6g5DjcW_UzVVUpJWFrdfybYHNFCDUzpEvPhLhp9LgXrrAJByGIeG4DaD1IIpR6SW1JoY-x5dV5iSTIeERVo5Sbf2iR-JrahwGN8fJ8_-dHCh_dFJ-Ufn8y8gKVUcfXQ9GJZ9e5UDkOChPUvN5jpV13_BM575K4metu-2B__SgVj9liJjJVENyvEeURpuuId-g-thKYD0Qx2npp7I0c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.entraratubio.sergemult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 04:56:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Raleway:400,700
Domain
datavisitas.queplaneas.com
URL
http://datavisitas.queplaneas.com/style.css
Domain
ajax.googleapis.com
URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Domain
richenginner.com
URL
http://richenginner.com/panel/service.php?id=17
Domain
widgets.amung.us
URL
http://widgets.amung.us/small.js

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| xc object| adsbygoogle object| _wau object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.sergemult.com/ Name: __gads
Value: ID=3a5785259593fe62-2232a297feca0079:T=1635137786:RT=1635137786:S=ALNI_MYdtiVfb5LLBEGEL-1Uh852YGK-fQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

21 Console Messages

Source Level URL
Text
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/n61cYnh.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/b9paThJ.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/bFbvckt.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/nczl0WT.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/n61cYnh.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www.entraratubio.sergemult.com/(Line 7)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Raleway:400,700'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.entraratubio.sergemult.com/(Line 8)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://datavisitas.queplaneas.com/style.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.entraratubio.sergemult.com/(Line 37)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://richenginner.com/panel/service.php?id=17'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www.entraratubio.sergemult.com/(Line 44)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/n61cYnh.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/(Line 60)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/b9paThJ.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/bFbvckt.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/nczl0WT.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/n61cYnh.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www.entraratubio.sergemult.com/(Line 106)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure script 'http://widgets.amung.us/small.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.entraratubio.sergemult.com/(Line 58)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure frame 'http://pickplay.com/juego-playstation.html'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.entraratubio.sergemult.com/(Line 93)
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure frame 'http://pickplay.com/juego-playstation.html'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.entraratubio.sergemult.com/
Message:
Mixed Content: The page at 'https://www.entraratubio.sergemult.com/' was loaded over HTTPS, but requested an insecure plugin resource 'http://cdn.abowman.com/widgets/fish/fish.swf?up_fishColor9=F45540&up_fishColor1=4082F4&up_fishColor3=F4404F&up_fishColor4=F2E9E9&up_fishColor7=DE1EE8&up_foodColor=F5F1EB&up_fishColor5=40F4D9&up_fishName=Fish&up_fishColor6=53F222&up_backgroundImage=http://&up_numFish=9&up_fishColor8=F45540&up_fishColor2=F4D940&up_fishColor10=F45540&up_backgroundColor=000000&'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=1929016449&adf=3613274319&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=133&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=1579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Oo7OdZfgqV&p=https%3A//www.entraratubio.sergemult.com&dtd=137
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=2586775943&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786838&bpp=3&bdt=176&idt=97&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&correlator=8601889501071&frm=20&pv=2&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZFVg2b6Kg6&p=https%3A//www.entraratubio.sergemult.com&dtd=112
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4241359911645255&output=html&h=90&slotname=6605803327&adk=403859222&adf=1142217882&pi=t.ma~as.6605803327&w=728&lmt=1635137786&psa=0&format=728x90&url=https%3A%2F%2Fwww.entraratubio.sergemult.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635137786841&bpp=1&bdt=179&idt=130&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8601889501071&frm=20&pv=1&ga_vid=1426001080.1635137787&ga_sid=1635137787&ga_hid=846992678&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063253%2C31062525%2C31063140%2C44748553&oid=2&pvsid=4310368599922563&pem=824&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ELdOOLZ65T&p=https%3A//www.entraratubio.sergemult.com&dtd=132
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
datavisitas.queplaneas.com
fonts.googleapis.com
googleads.g.doubleclick.net
i.imgur.com
pagead2.googlesyndication.com
partner.googleadservices.com
richenginner.com
tpc.googlesyndication.com
widgets.amung.us
www.entraratubio.sergemult.com
www.google.com
ajax.googleapis.com
datavisitas.queplaneas.com
fonts.googleapis.com
richenginner.com
widgets.amung.us
142.250.185.225
142.250.185.66
142.250.186.162
142.250.186.164
142.250.186.66
151.101.12.193
172.217.23.98
216.246.113.84
216.58.212.130
007bc10d5908e9677ed2002d94aae88ff6655042c5fc579b554afd96677ad859
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
166f35c6c4d1b7bee6ab1fd0f9f42349217c7643189f20b3dbdb43ba1b42e411
276718b76c616a6d384dfb54d7790c94325ab2f4eefc7f68a8c299d785465a3f
42eb96d485b5d70787f72466a8981ac034e9b9d93fcfdeae755f62848c1daffc
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
97b915fd7b93d1ebc2c2b7e7ff7e1e46e4a50284177b2e663d4e18c073a7143f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
c00133dae54a55513840938fa93b26b62e6e9fcb4541c54253837d20dbe5c7ac
d27845f3e4bb54a69d82440aeef5ed56efbd52dd27876d7548fe83a7bcc1a530
ddaea80aed6c667f8b0f5abad30b09b9f16f24d851e8c827b4d28451dadf7dd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fefa76138e6b70fa5c7b1af5497cc6fd4012fa04233fcaa419ecc787a1b68ae1