whoisip.ovh Open in urlscan Pro
2606:4700:3033::6815:59f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://whoisip.ovh/
Effective URL:
https://whoisip.ovh/
Submission: On November 21 via api (November 21st 2023, 10:24:38 pm UTC) from US — Scanned from DE

Summary HTTP 168 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 32 domains to perform 168 HTTP transactions. The main IP is 2606:4700:3033::6815:59f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is whoisip.ovh.
TLS certificate: Issued by GTS CA 1P5 on November 9th 2023. Valid for: 3 months.

This is the only time whoisip.ovh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:c01b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3033::6815:59f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:4109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 23	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5 9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:b34:3da1:cf11:a756	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.123.247.10 3.123.247.10	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.23.68.89 2.23.68.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.42.237.35 13.42.237.35	16509 (AMAZON-02) (AMAZON-02)
168	36

1 2606:4700:3036::ac43:c01b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

whoisip.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::6815:59f2 (United States)

ASN13335 (CLOUDFLARENET, US)

whoisip.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4109 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.where.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ip4.city	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:b34:3da1:cf11:a756 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.247.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-247-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.68.89 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-68-89.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.237.35 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-237-35.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	585 KB
33	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	238 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com	178 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33424 ad4m.at — Cisco Umbrella Rank: 12394 assets.ad4m.at — Cisco Umbrella Rank: 45800	316 KB
10	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	1 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	446 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	7 KB
7	whoisip.ovh 1 redirects whoisip.ovh	62 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 18131	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954 static-de.ad4mat.net — Cisco Umbrella Rank: 188473	1008 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	725 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914	37 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 62639
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 100456	495 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	762 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	587 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	172 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	542 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	81 KB
1	ip4.city api.ip4.city	552 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	24 KB
1	where.ovh cdn.where.ovh	5 KB
168	32

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
23	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	whoisip.ovh pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	www.gstatic.com	googleads.g.doubleclick.net
9	www.google.com	5 redirects whoisip.ovh googleads.g.doubleclick.net tpc.googlesyndication.com
8	cm.g.doubleclick.net	1 redirects whoisip.ovh googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	whoisip.ovh googleads.g.doubleclick.net
7	whoisip.ovh	1 redirects whoisip.ovh
6	assets.ad4m.at	as.ad4m.at
6	www.googleadservices.com	whoisip.ovh
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	fonts.gstatic.com	fonts.googleapis.com
2	www.awin1.com	1 redirects as.ad4m.at
2	dis.criteo.com	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com
2	www.google.de	whoisip.ovh
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	whoisip.ovh www.google-analytics.com
2	stackpath.bootstrapcdn.com	whoisip.ovh
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	whoisip.ovh
1	a.tribalfusion.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	api.ip4.city	whoisip.ovh
1	cdnjs.cloudflare.com	whoisip.ovh
1	code.jquery.com	whoisip.ovh
1	cdn.where.ovh	whoisip.ovh
168	43

This site contains links to these domains. Also see Links.

Domain
localizarip.ovh
adresseip.ovh
indirizzoip.ovh
meineip.ovh

Subject Issuer	Validity	Valid
whoisip.ovh GTS CA 1P5	`2023-11-09` - `2024-02-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
where.ovh E1	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ip4.city E1	`2023-11-07` - `2024-02-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://whoisip.ovh/
Frame ID: 238B98542F7E050F6206CB9377BD016B
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 4FC6725DC737169508C2DA74DC068CC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&slotname=1993947993&adk=2855005393&adf=2689116385&pi=t.ma~as.1993947993&w=970&lmt=1700605473&format=970x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605473044&bpp=3&bdt=390&idt=216&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=4215663781781&frm=20&pv=2&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237
Frame ID: 092379308AAE9BC2E7999791FFA922F2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&adk=1812271804&adf=3025194257&lmt=1700605473&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605473048&bpp=8&bdt=395&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&nras=1&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=264
Frame ID: 97DA3FC1C0CAC46496C10220F959B7ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0EE6B443CC1F7FD28916E7589AAA7C81
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=280&adk=3898524957&adf=3175363789&pi=t.aa~a.340264598~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x280&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=2&bdt=1488&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0&nras=2&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Frame ID: D46BD2FC1DB4303357B9BBAF23C7EB15
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Frame ID: 52554D7F63769805E8063B36948A9373
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 9D02C3D3A6EE6BD0F635041AD47B1736
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A8E2E96851FAC4E58D41CA06219828E6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8286BD74864D6B47E163865055C571F0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4FA45FF2B6CDC0C3DE59FB634FEF6070
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4D8DD68829497CFDDD09EB3E76130206
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A8D51CF9F72725C7A6F75F7918C5F66
Requests: 2 HTTP requests in this frame

Frame: https://p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 92A4B8A47B7E51BAA28E4BB48AA2BF2B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0D916C7C0851DF14BD668B96D942E026
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1005F9FB35671DC4AF71F054366483E4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DC6801966615793D16EB0C1E6B60FA00
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5D9844D4635F162E8CB6545238E44E26
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BDC34B820E4DD7ACC6C248CB20752B26
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gdgx0mss4qsajg7dmk6y40npvbekrzrfhew9p28w0n9gwma7pg9fw3epngx0qahr0h761yczqvh3s30vjchv9eqbj0mg9bzknfy2vn4f53b10ympe0bj20hvmffa9zrw14g2k8dbfg24f3gdk1kmnkxm53e9ehrq1wt3ppeg29dnahgvppetexw3j67wv5n0r6s9ffq6twjh2w2cy7xvp48hwzm6hcgztx8sqm6xwse97rmtzy5z5108t52z23xjj59fm5h6dah7bdebkjgrw1v50bqz1f39zjz3bc3ha3s6bxzjbpdc4brff9fzxm60xyprq754sx43m01h78r672g0d8p8k7qdp8gk9c93heq17x38hngp00qrw9wqyp91hxdxmstn6433wdgd2dmgmptmegtwnwdyp2vy3d5ssjcfj1qt9xnsr1wnsvym5t2zbsghba0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%26client%3Dca-pub-4420187193510992%26adurl%3D
Frame ID: 9ECC1CB824632F229E50867E79814731
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: C8CE5BBEB815D81F232337D636761C66
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F1D85F77D31C18AE0FB2CE13CCBEDBA1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: A475815C96565F2D853CBB3C1616D8E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 85D8B44F56011334A27A553929A2981D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: A68E2BDEDD951270D7DF7B434E815262
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 330E8571CF970269DBE955DC0F45E8A2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 802786166C914E8B69E7B69B9AF8EE58
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5C34B31408C8CF8FD90A4AAD7BE7BD5F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Frame ID: 54DBA6F785A95590119F17668AA962BE
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4E877F56489B746F524C0FB5CC4B7B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B133AF9E86AA5794E252DDC664FBE326
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My IP - What is my public IP Address

Page URL History Show full URLs

http://whoisip.ovh/ HTTP 301
https://whoisip.ovh/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

168
Requests

93 %
HTTPS

68 %
IPv6

32
Domains

43
Subdomains

36
IPs

7
Countries

2012 kB
Transfer

5492 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://localizarip.ovh/
Title: Whois IP

Search URL Search Domain Scan URL

URL: https://adresseip.ovh/
Title: Adressse IP

Search URL Search Domain Scan URL

URL: https://indirizzoip.ovh/
Title: Indirizzo IP

Search URL Search Domain Scan URL

URL: https://meineip.ovh/
Title: Meine IP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://whoisip.ovh/ HTTP 301
https://whoisip.ovh/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 46

https://googleads.g.doubleclick.net/pagead/adview?ai=CtLXZIS5dZb_OE_OI9u8PnZK9qAWbmtutdIbbmK6gEqeEzbrfQRABIOrSkxlglcL-gZQHoAHd8KrAKsgBAagDAcgDywSqBNIBT9A_jnKYP83JYuvjLmMR6XQHD4G56j8K_0l6VHBEnUn84UJE35Xtlev-18U0bdDHBPveBG888R7tSM9ye3XH0FMOgM5R7R_4HGC8gyhwFw0a6mFcW8_aFkzr5qe9h9JDtLbkN7UkArk47_6-8mYIrIZgRgAqAONnfSPrL_TDEbb8a1N6a76VrRMwmpJ-RhFtxrgOHNsTrKnIUDG3XRHBYdKaFkvRbZjZDJlJpvb6K8EKRxpGIgOeu1WrDQ5I3Jip017W5KNgw6ABgmm0pmqhNnJ3wATcwKT91wSIBeKK8bpNkgUECAQYAZIFBAgFGASAB92o-58FqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpZsY0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJiAFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZFBhZ2UuaHRtbD9jYW1wYWlnbl9pZD0yMDc5MzAxNzY5OCZhZGdyb3VwX2lkPTE2MTA1NTU4MDI1MiZwbGFjZW1lbnRfaWQ9d2hvaXNpcC5vdmgmY3JlYXRpdmVfaWQ9NjgxNTE5ODgwOTU1gAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BMC0BUBmBYBgBcBshccChoIABIUcHViLTQ0MjAxODcxOTM1MTA5OTIYAA&sigh=ttn6mpi6qXY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaN-t-_xr5nIwFdQb_tAK87912ZliB0x3c4KuT30efp8GEWQ6lJKV2FCSkNvAJde0SImUwkSe1diyJLn67BxMQHLHi9D5LUPBAY5hgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210248786733191681660%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228038020046268034801%22}&andc=true

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEBAruwLeRO0_zUE_TrtBt4&google_cver=1&google_push=AXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEBAruwLeRO0_zUE_TrtBt4&google_cver=1&google_push=AXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 109

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHzxx5FGaOQ2uqKpelRmCHs&google_cver=1&google_push=AXcoOmRcYwqttiGxJ1wolIhjq1ZD8aZKdVhqd22ACsWmFdlIE5oT6B31v3MePfWpEDRsh0o8IB6O3V8BkpdJdrfUaGAkqUnbvVn6UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHzxx5FGaOQ2uqKpelRmCHs&google_push=AXcoOmRcYwqttiGxJ1wolIhjq1ZD8aZKdVhqd22ACsWmFdlIE5oT6B31v3MePfWpEDRsh0o8IB6O3V8BkpdJdrfUaGAkqUnbvVn6UA

Request Chain 112

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHkd8RWIY82E5p2pvRiF8hY&google_cver=1&google_push=AXcoOmSsDi-tPPoJE1Yk5f6bXZXHfWIPryNAQW0l4ueWv5wlnNRxPruudtDhZJjLTO2Tb_u3aTf05405d6-HYWrBZqz0O-b78ESo5kY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDA0NDg5ODUyNDM5NTY1OQ%3D%3D&google_push=AXcoOmSsDi-tPPoJE1Yk5f6bXZXHfWIPryNAQW0l4ueWv5wlnNRxPruudtDhZJjLTO2Tb_u3aTf05405d6-HYWrBZqz0O-b78ESo5kY

Request Chain 113

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDZ8-p40vz2i3w6M1euOacg&google_cver=1&google_push=AXcoOmR3zlTXc9fd1NLSCkmcNJOFwyTvDcvjaCM21OqJ-NHavLWeJ-nYoj2Lj2kK1E66o2iyHUQwxVzkYKndMqPpLCni1TfROI7oiwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3zlTXc9fd1NLSCkmcNJOFwyTvDcvjaCM21OqJ-NHavLWeJ-nYoj2Lj2kK1E66o2iyHUQwxVzkYKndMqPpLCni1TfROI7oiwQ&google_hm=eS1TcDJqSFBwRTJwSGZvQXhjSXU3VFBCWUF3OWRGbGNZcH5B

Request Chain 129

https://googleads.g.doubleclick.net/pagead/adview?ai=CcrYcIi5dZd_JC6SJ9u8Phoq3iAyutOWXdJiQ76i3EsOw-pTeOxABIOrSkxlglcL-gZQHoAGk5rSjA8gBCagDAcgDywSqBL4BT9AyViWiI_0JG8Q70xTp_K2JQ1RvwxgW_Nz_YYrOseV_qR5RQcB18gKOv6Q6odJ3CJml3NDSGEioWHLL9QaaeEqqj8M3wXIn7u5H7vvkcv1GZxG0HjltMij8uXoX6DF0hyPe3RK3_Ud1rRhOXwglG54Y1mTjKaPzhivn8AfNjQlKqD1q3MQawt9E0QoaZKJJGzUxd6nYuTXLL1cpblkvC8gjB2PSf4Xa8e-Co57-oEIsObfMx7AsI7xiIG88GMAErtvqrcQEiAWOs96TTZIFBAgEGAGSBQQIBRgEoAYugAfEmctcqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQvecT0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJOmh0dHBzOi8vYnJpZ2h0ZGF0YS5jb20vbHAvc3dpdGNoZXJzLTNiP2t3PSZjcG49MjA3MTA5MjI2MziACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQK4E-QD2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTQ0MjAxODcxOTM1MTA5OTIYAA&sigh=OA1THd-xeV8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNa2iyDWrZas5rHY36VnbQN0MXdcxB554dqZM8qrkxxbH1GY-o9sWHkCIr80AxkO2q5L3-_1ELGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224578340381892356950%22,%22debug_reporting%22:true,%22destination%22:%22https://brightdata.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879571748%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217960013876586070449%22}&andc=true

Request Chain 131

https://googleads.g.doubleclick.net/pagead/adview?ai=CGg6JIS5dZde3FcS_9u8PseGV-AKi86ORdLOQv7KpEv_Y1qq8ARABIOrSkxlglcL-gZQHoAHnvqasAsgBAqkCWemeMv5Msj6oAwHIA8kEqgS_AU_QOvj6yHPdGmNy2ZVTMIMxzHsJ1lTCgYo5yRIN-UgPrQ0g6YN0EAKLGiczsm7NVR44fYoZ5CmJbeX8dtLUQmQFcqTSlx7v2Uxicb-PizXusm1EGHoJKXDwld3ZeDH5VZ1hC2ngNa6F1TppddrdsR7_AI29UjkjQCuOImLk50x4iISUmfueOV7oBHvyLKMscHvnxKzyU--7lVPppuH30RpzXyoI_xfijbRsdpcpRpjOkpksLviaStddWKyLznbywATlwuTBtwSIBdHljK9NoAYCgAeBwdnTAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEK_EGdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCS9odHRwczovL3d3dy52aXNpdGN5cHJ1cy5jb20vY2hyaXN0bWFzLXZpbGxhZ2VzL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNDQyMDE4NzE5MzUxMDk5MhgA&sigh=G8J3V-apfYs&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNmqTOFQkXgHbn8ale-DBDFwZnhGepwQgTgrjRwyEUQFNHmdsHS4ql2LFE5Jw1ZTU44piM19gm4Uqm_cfS9tiQyYQhpYCiHUQnV1sYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211591414436362053612%22,%22debug_reporting%22:true,%22destination%22:%22https://visitcyprus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22629776231%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214480356262269013057%22}&andc=true

Request Chain 134

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELb-SVQo7r2CFOlV4epHbGQ&google_cver=1&google_push=AXcoOmQG7ixshkLlQmlvHSijYe2rLWCrbqgnMLZlqWSOJ69fV2ws-qUzpItghHPq6Y7yuqQl1izlvdh0lIo8sFUmUI-tSEkWBTGkpiWIxVLR0xSqCJePdkidMFqYSTLOws0LwOM83_vwELy3RQOY-RZ0xCU-ufU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI0ODY3Mzg0NDc3Mjg4ODkwMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELb-SVQo7r2CFOlV4epHbGQ&google_cver=1

Request Chain 136

https://um.simpli.fi/gp_match?google_gid=CAESEE5D_aOL7MLIYLCJbirV1ks&google_cver=1&google_push=AXcoOmTzvhXPxs0AwW6yp9rC7TJPnFJi_yuQHYxHk6azO5ScHX9tXhr4SKkZD5dGYFzjNO1u5_mdquxwrEFbhjqlnUd1oPQmTJZgUt49PxCTjJsIS5aoZK7-PEBXOLkH2_BBiqM-kQhY0WbhwHtvLZ6re-NOq4A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B01D78437714D629E1DB696D7C0EF4A&google_push=AXcoOmTzvhXPxs0AwW6yp9rC7TJPnFJi_yuQHYxHk6azO5ScHX9tXhr4SKkZD5dGYFzjNO1u5_mdquxwrEFbhjqlnUd1oPQmTJZgUt49PxCTjJsIS5aoZK7-PEBXOLkH2_BBiqM-kQhY0WbhwHtvLZ6re-NOq4A

Request Chain 139

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFL2lfcK8Bs52h1oKzPXMMA&google_cver=1&google_push=AXcoOmSHD8vmSeNb3m-YTZ-U3vFb3pe2x9IJzkaGjBJcyWUR2GSPxHgGBov7KGpNpnN9lvhOxqXbEOM1q2mXUrA-BbYJY50PlUxcpzq2NFx1rWHaiH1wkuFAFtmN_ts5Ed7degMc7Lm1ejAef-E3cnOQanCn99M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHD8vmSeNb3m-YTZ-U3vFb3pe2x9IJzkaGjBJcyWUR2GSPxHgGBov7KGpNpnN9lvhOxqXbEOM1q2mXUrA-BbYJY50PlUxcpzq2NFx1rWHaiH1wkuFAFtmN_ts5Ed7degMc7Lm1ejAef-E3cnOQanCn99M&google_hm=eS1ScHRsU01KRTJwRzRfNEtCaUpRSndvVW1mNUJiWmxPRH5B

Request Chain 161

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1700605476_c086e840-88bc-11ee-92fe-22394270969d&insert=AW&&gdpr=0&gdpr_consent=

168 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
whoisip.ovh/
Redirect Chain

http://whoisip.ovh/
https://whoisip.ovh/

16 KB
5 KB

179ms
92ms

Document
text/html

2606:4700:3033::6815:59f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoisip.ovh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 84f11e112e0a937df7b3f115ed3a87713d628dce86c247190e7147445252d2ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 829c57eb98d41c0f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 22:24:32 GMT
expires: -1
link: </favicon.ico>; rel=preload; as=image, </c/css/style.css>; rel=preload; as=style, </c/js/script.js>; rel=preload; as=script, </c/css/style-defer.css>; rel=preload; as=style, </c/fonts/open-iconic.woff; rel=preload; as=font
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5phuRXNKWEiG4r8vn7zJHtYPnI6rUKFTO6nYYz%2B335P6Z81SaklKb9Ek2R%2Bco2ncDOHYMv6tIA6f3yp8VlQQ2TE1zu7MSDZer5E%2F1F5GozdKlsuLRGMR0ZzEVK1lFI6RN5Enu5CmKIh3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

Redirect headers

CF-RAY: 829c57eacb521e5b-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 21 Nov 2023 22:24:32 GMT
Expires: Tue, 21 Nov 2023 23:24:32 GMT
Location: https://whoisip.ovh/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smELk23g%2Ftpt%2FSCe%2Bu0dLykeF0KXyTCcty9jVXkfUXh8RWXeQ9MM569KjQIEk34la0KSICZlIUq3YplWz3yQgrdzTBAQoBmg1Mju%2FMUGIdhxSk1Y31IgtIscluV%2BiQSmt4ADeGKmz0%2BlCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 favicon.ico
whoisip.ovh/ 1 KB
1 KB 73ms
71ms Image
image/x-icon 2606:4700:3033::6815:59f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whoisip.ovh/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 26837b83c678fe62f1b525dc2688fba3517c5f7f4a07f4b1b76f0c10db789b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 11 May 2022 09:57:09 GMT
server: cloudflare
etag: W/"999ca97a1d65d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm6Gt%2F8TV6TvEbOssbK070BRnAxj7w75%2Bg8RYWFk%2B%2BycJ2aKVlwGpXQMo00jWAYsazWwBQBEi%2BNeiWBtfpBgKIGYGYrhghUKeGG9wkwBn4Z9PQ6cBdxQb1mo9JThWsS0NCO%2Fo9AbpNdPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=86400
cf-ray: 829c57ec393d1c0f-FRA
expires: -1

GET
H2 200 style.css
whoisip.ovh/c/css/ 5 KB
2 KB 49ms
47ms Stylesheet
text/css 2606:4700:3033::6815:59f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoisip.ovh/c/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b07a63b8ae98fbcd00d5651a251a1506de80b4e9d6600107c81cb8e471f8a545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 59838
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Tue, 21 Nov 2023 05:47:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhgDbjDWY1E8RBmTy0dqW%2FxoEzjFNaa8tjlmWrdjE2ANWVo%2FN8tWVRTKvUyVwD6LAhslcQCpXyEVQiRtLPpzN%2FKMtQQw8nGso04RAS6RytOYK9P13ZscwmbKgQOiJL8RROnDabWyMbsgng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=2678400
cf-ray: 829c57ec39391c0f-FRA
expires: -1

GET
H2 200 script.js Show response
whoisip.ovh/c/js/ 7 KB
3 KB 49ms
48ms Script
text/javascript 2606:4700:3033::6815:59f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoisip.ovh/c/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7837e6654e2abc1d842874a9a9be1d517dccd8046602006e8016afac882db884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 308042
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Sat, 18 Nov 2023 08:50:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TO8Ky9BqY%2FFZX8R6shSMVFMwd65xLn1NWVYpOsp9488YVq3U0xh%2F9Mnbbx%2BmiESdWFf9pgsunv6q12%2BFmNweyhS%2BiTCFFQ%2BBo51FWR1LYMKlhlUtOEH4A2sukyN6qRDi3PHTpi3%2FnOjGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 829c57ec393c1c0f-FRA
expires: -1

GET
H2 200 style-defer.css
whoisip.ovh/c/css/ 69 KB
35 KB 50ms
49ms Stylesheet
text/css 2606:4700:3033::6815:59f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoisip.ovh/c/css/style-defer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 793b876b88b6b5bfee9ee822653270ececf300c3466a3b940369f1d14e6e5159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 59837
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Tue, 21 Nov 2023 05:47:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3yGqjv2Gfp7AP2Y%2BenapFLmO%2FSRY%2FOLUnihM3hr4jogHQF8%2BATJ3lTfbj63vlMzSJLe8MQRsufbcY7jQtKQh7OUUvvXtcrEGOoM9xK25%2F9OGB1DX874pUTkrBIPv%2F%2FpJLYMLecLSumm9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=2678400
cf-ray: 829c57ec393b1c0f-FRA
expires: -1

GET
H2 200 css
fonts.googleapis.com/ 1 KB
882 B 136ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47766ba3fc1fd86f1e5464627e3eb6cb377f4b81a3b3a63dd70d8958836352d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 20:41:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 22:24:32 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.2/css/ 139 KB
22 KB 163ms
54ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.2/css/bootstrap.min.css

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5525bc887734465161af57feaa4d63c3f5681cb477816b23b6e17d94995707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://whoisip.ovh/
Origin: https://whoisip.ovh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 1693652
cdn-cachedat: 03/10/2022 17:34:42
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"88d1b1c0fd447a75e6e60a61ca041aae"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: df1c5494fd59f06a979116596dfd318e
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 829c57ece8931bcf-FRA
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 200ms
97ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b0508d8ce769df096815028f86f4d81ffd3b5d9639e3fe910b28357a4cbd91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52999
x-xss-protection: 0
server: cafe
etag: 12173990436527475261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:32 GMT

GET
H2 200 US.png
cdn.where.ovh/i/whoisip.ovh/images/flags/150x90/ 4 KB
5 KB 182ms
55ms Image
image/jpeg 2606:4700:3037::6815:4109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.where.ovh/i/whoisip.ovh/images/flags/150x90/US.png
Requested by: Host: whoisip.ovh
URL: https://whoisip.ovh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c218b9600b19b3d10bcb88fa3f42b11caa2a304a21cf1157629882c5d5c3b17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
cf-cache-status: HIT
x-cacheable: Cacheable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 12002
x-iplb-instance: 52655
x-cdn-pop: rbx1
alt-svc: h3=":443"; ma=86400
content-length: 3923
x-request-id: 204964436
x-aspnetmvc-version: 5.2
last-modified: Tue, 21 Nov 2023 19:04:30 GMT
server: cloudflare
x-cdn-pop-ip: 51.254.41.128/25
x-iplb-request-id: AC4786A9:A3CC_2E69C9B7:0050_655CFF3E_6C334:5C6B
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYXB%2F8uI54ApofLcYKBz%2F3rnsbzKL18f48dmEGbMfsDmMzpss0vx2Jh%2F2tCk3r2a3Cark9T4erFtW5Los2h10OitGatKmCn%2Fmor6HyYEZL8Y55cUgluqKWWqwLERHOQ6KqUuw4mTHDqixqhD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 829c57ed0b173c8d-CDG
expires: Thu, 21 Dec 2023 19:04:30 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 192ms
58ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: whoisip.ovh
URL: https://whoisip.ovh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://whoisip.ovh/
Origin: https://whoisip.ovh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5804873
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-sof1510036-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1700605473.815703,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 118, 491584

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 130ms
48ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://whoisip.ovh/
Origin: https://whoisip.ovh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 682503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6451
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxzH0OENjYbW1NisO0sRy%2Fxg%2Fesh7emTnaUANutPUQsBFz22FZErLRZmc1wU7BsNAA2umkjmxccwan9jkMNrSZPEPqD3MceY4r6cYBRpHtsj01MfFGB4qKLF05DYcB9Pnf857bnvs%2FTSh3vceaW2BlBF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829c57ecdaa291fb-FRA
expires: Sun, 10 Nov 2024 22:24:32 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.2/js/ 50 KB
15 KB 138ms
50ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.2/js/bootstrap.min.js

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e2349686b7e697ee0f1a996c68505226660f60b2c2fd7f6ddaa2ca9196e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://whoisip.ovh/
Origin: https://whoisip.ovh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 1120225
cdn-cachedat: 08/20/2022 02:39:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"f92a3f337500984fbd20487501257dae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 34b725575e91e55b6961e03a323affa9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 829c57ece8941bcf-FRA
cdn-requestpullsuccess: True

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/ 15 KB
16 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73b8057c918765ed1a41c6ca23e2c0530b51d396e12ce63071297c5a04178504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whoisip.ovh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:04:28 GMT
x-content-type-options: nosniff
age: 444004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15788
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 19:04:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 144ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 21:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2095
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 21 Nov 2023 23:49:38 GMT

GET
H2 200 iseuro Show response
api.ip4.city/v1/ 26 B
552 B 158ms
50ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ip4.city/v1/iseuro
Requested by: Host: whoisip.ovh
URL: https://whoisip.ovh/c/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6d9136bd6ca7926a735ef7b05650df601e0345cb1d35833738b7f0f062d0cb53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 750211
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 26
last-modified: Mon, 13 Nov 2023 06:01:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpfrao4XyE2GJogg5PuZnRCh159OFHypfWYrbFyl0OVDO9yxdaXwMeOAgM8xjo0qJv0BvWX1s8%2FLRy9YPkbglWnrgqDrnOASBZ%2FYMA4yDATaXNP3aRDtCryinbe3yjU11KjeXAQFXIInTUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7889400
accept-ranges: bytes
cf-ray: 829c57ee4d2f3671-FRA

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 862f5fb6da8360b6b8b295fafc5b7736c99513ebcb5e829e3755ac9481a7e63d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df874efb2ef39fb3b7ef9b208691bd23c651a4f82d08b3aa6e6b37bc0c1c48b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 open-iconic.woff
whoisip.ovh/c/fonts/ 15 KB
15 KB 48ms
48ms Font
application/font-woff 2606:4700:3033::6815:59f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoisip.ovh/c/fonts/open-iconic.woff
Requested by: Host: whoisip.ovh
URL: https://whoisip.ovh/c/css/style-defer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7193ea5654497d2356d0a690e3e50f39767fbff4335e57a3443c1435d648a1f2

Request headers

Referer: https://whoisip.ovh/c/css/style-defer.css
Origin: https://whoisip.ovh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1696868
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 11 May 2022 09:57:48 GMT
server: cloudflare
etag: W/"da7e3911d65d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKv9dV6529hGX0HUFFFYfkRZIgRr4bYMQHqADKOuGHpbsR5Z4PPHyz%2FPEVvsRY1vn1x%2FPNckW1KiCNOrG82Pttj8iJiKovmi3eAax5ArebEi64czSz9zqzcaddOa743dsH0OEFC4UnWyBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=2678400
cf-ray: 829c57edcabf2c57-FRA
expires: -1

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 4FC6 9 KB
4 KB 127ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:57:20 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 21:57:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
136 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4420187193510992&plah=whoisip.ovh

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887f108aff33ff425e7dc9fae18e1e1e0b3bb84067defb3c737662cc66545c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138524
x-xss-protection: 0
server: cafe
etag: 11892577053185166532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:33 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
219 B 47ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1837584075&t=pageview&_s=1&dl=https%3A%2F%2Fwhoisip.ovh%2F&ul=en-us&de=UTF-8&dt=My%20IP%20-%20What%20is%20my%20public%20IP%20Address&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1899623340&gjid=1656254459&cid=1287855531.1700605473&tid=UA-214565-50&_gid=1151456816.1700605473&_r=1&_slc=1&z=128473974

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e31a3d0e11e9deaa6c8364d6d2c7c1a9eec20d79bfaee6a3950deaaacdbbfb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://whoisip.ovh/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whoisip.ovh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 145ms
47ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-214565-50&cid=1287855531.1700605473&jid=1899623340&gjid=1656254459&_gid=1151456816.1700605473&_u=IEBAAEAAAAAAACAAI~&z=1027615837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://whoisip.ovh/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Nov 2023 22:24:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whoisip.ovh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 147ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9EMH4TSY6K&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6407295926c0d149c5c820683c17b8e3480d2f5f02d18bcfdbb98196afd63ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 22:24:33 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0923 123 KB
42 KB 398ms
396ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&slotname=1993947993&adk=2855005393&adf=2689116385&pi=t.ma~as.1993947993&w=970&lmt=1700605473&format=970x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605473044&bpp=3&bdt=390&idt=216&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=4215663781781&frm=20&pv=2&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4420187193510992&plah=whoisip.ovh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5f82faf948dc7884eb13e28121bb45ad7e121d0209672608115bb4b31d92384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42522
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:33 GMT
expires: Tue, 21 Nov 2023 22:24:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97DA 652 KB
115 KB 627ms
627ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&adk=1812271804&adf=3025194257&lmt=1700605473&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605473048&bpp=8&bdt=395&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&nras=1&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=264

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c95d3dc0b11b9b566cdfe025ace743ccc6c4bf6ebd6f7286c58b06a3d1daae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 117125
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:33 GMT
expires: Tue, 21 Nov 2023 22:24:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieConsent&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 143ms
51ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-214565-50&cid=1287855531.1700605473&jid=1899623340&_u=IEBAAEAAAAAAACAAI~&z=1758763118

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 140ms
50ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-214565-50&cid=1287855531.1700605473&jid=1899623340&_u=IEBAAEAAAAAAACAAI~&z=1758763118

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
242 B 136ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9EMH4TSY6K&gtm=45je3b81v9139031286&_p=1700605473126&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1287855531.1700605473&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwhoisip.ovh%2F&dt=My%20IP%20-%20What%20is%20my%20public%20IP%20Address&sid=1700605473&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1040
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9EMH4TSY6K&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whoisip.ovh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 50ms
48ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9EMH4TSY6K&cid=1287855531.1700605473&gtm=45je3b81v9139031286&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9EMH4TSY6K&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whoisip.ovh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
51ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9EMH4TSY6K&cid=1287855531.1700605473&gtm=45je3b81v9139031286&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1879799813

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 0923 9 KB
4 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&slotname=1993947993&adk=2855005393&adf=2689116385&pi=t.ma~as.1993947993&w=970&lmt=1700605473&format=970x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605473044&bpp=3&bdt=390&idt=216&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=4215663781781&frm=20&pv=2&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:27 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 0923 11 KB
5 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:25:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0923 14 KB
1 KB 50ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 22:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:34:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 22:24:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0923 2 KB
903 B 41ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0923 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:17:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0923 3 KB
1 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0923 20 KB
9 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0923 202 KB
64 KB 184ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:33 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 0923 37 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EE6 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&slotname=1993947993&adk=2855005393&adf=2689116385&pi=t.ma~as.1993947993&w=970&lmt=1700605473&format=970x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605473044&bpp=3&bdt=390&idt=216&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=4215663781781&frm=20&pv=2&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0923 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4798703a3ac26f597595c1da6fe3e67fd0bf5a5e4be87239256c61dc3272097f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EE6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:33 GMT
expires: Tue, 21 Nov 2023 22:24:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b461e28398566c5400381c27546e3c6d5e6ea790d53afa6ac2c64148772ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55796
x-xss-protection: 0
server: cafe
etag: 1094707591277047806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0923 33 KB
33 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 47716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D46B 121 KB
41 KB 452ms
451ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=280&adk=3898524957&adf=3175363789&pi=t.aa~a.340264598~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x280&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=2&bdt=1488&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0&nras=2&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17863c09b9c2c8bb76b626b2d594fe829116afd1a32919a7b3a29c4b8f64f470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41767
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Tue, 21 Nov 2023 22:24:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5255 47 KB
17 KB 627ms
626ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a86dbcea9c72ec11bc2d2b2bab7224cd74cc058126f5e4b50945da5b038e26c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Tue, 21 Nov 2023 22:24:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0923
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtLXZIS5dZb_OE_OI9u8PnZK9qAWbmtutdIbbmK6gEqeEzbrfQRABIOrSkxlglcL-gZQHoAHd8KrAKsgBAagDAcgDywSqBNIBT9A_jnKYP83JYuvjLmMR6XQHD4G56j8K_0l6VHBEnUn84UJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210248786733191681660%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:...

0
0

166ms
81ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210248786733191681660%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228038020046268034801%22}&andc=true

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10248786733191681660","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"8038020046268034801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Nov 2023 22:24:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 22:24:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10248786733191681660","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"8038020046268034801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D02 39 KB
15 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 179ms
74ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 22:24:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame A8E2 9 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 8286 9 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 4FA4 9 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 4D8D 9 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame A8E2 4 KB
671 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:46:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A8E2 205 B
229 B 44ms
43ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 428258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A8E2 604 B
628 B 45ms
44ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:43:12 GMT
x-content-type-options: nosniff
age: 63682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Nov 2024 04:43:12 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A8E2 15 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:27:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A8E2 21 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 03:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 03:59:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 8286 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A8D 143 B
166 B 43ms
41ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 92A4 247 B
869 B 207ms
80ms Document
text/html 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

2d12ef325398950232a9ea544abbea3b8ea75e6d939e009c9650dbd9348e0f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-7-lVjYjMnuzj4h2a1qw8gQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8286 3 KB
1 KB 51ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8286 20 KB
8 KB 46ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H2 200 11687736229589434308
tpc.googlesyndication.com/simgad/ Frame 8286 30 KB
30 KB 59ms
51ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11687736229589434308?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlcYKXa5AvmFhd6crpblcFwf8sYWQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbc35c6b9f0c8df77c5094917473ea8852ecfa1f0df0b67164dcc3ee526b1e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 22:00:44 GMT
x-content-type-options: nosniff
age: 347030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30271
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 12:20:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 22:00:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8286 202 KB
64 KB 160ms
153ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8286 36 KB
15 KB 50ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:27:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4FA4 14 KB
1 KB 48ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:23:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4FA4 2 KB
861 B 53ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4FA4 23 KB
9 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D91 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4FA4 3 KB
1 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4FA4 20 KB
8 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FA4 202 KB
64 KB 193ms
193ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 4FA4 37 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 4D8D 9 KB
4 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:27 GMT

GET
H3 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 4D8D 11 KB
5 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 08:31:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4D8D 14 KB
1 KB 51ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4D8D 2 KB
856 B 53ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4D8D 23 KB
9 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:17:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4D8D 3 KB
1 KB 58ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4D8D 20 KB
8 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D8D 202 KB
64 KB 160ms
157ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 4D8D 37 KB
15 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1005 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:53:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1005 2 KB
822 B 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:51:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1005 23 KB
9 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC68 143 B
166 B 44ms
41ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1005 3 KB
1 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1005 20 KB
8 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1005 202 KB
64 KB 164ms
155ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 1005 37 KB
15 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A8D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Tue, 21 Nov 2023 22:24:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D91
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
48ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Tue, 21 Nov 2023 22:24:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D98 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D46B 4 KB
655 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=280&adk=3898524957&adf=3175363789&pi=t.aa~a.340264598~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x280&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=2&bdt=1488&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0&nras=2&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:44:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D46B 2 KB
822 B 45ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:51:29 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4008003849892960885/ Frame D46B 26 KB
26 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4008003849892960885/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4038bc0f0b531b5ef4c8b0b82792449b1945587e4fe30a65a148c2b9e3c588fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
age: 152644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26841
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 09:10:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Nov 2024 04:00:30 GMT

GET
H3 200 6865124085485204413
tpc.googlesyndication.com/simgad/ Frame D46B 2 KB
2 KB 55ms
55ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6865124085485204413?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a064df123f1dff818911f2dd639af670a8a943a1d4ee7c5c23f31b216f88a72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 04:00:21 GMT
x-content-type-options: nosniff
age: 152653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1997
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 10:22:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Nov 2024 04:00:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D46B 23 KB
9 KB 47ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:17:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D46B 3 KB
1 KB 60ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BDC3 1 KB
643 B 46ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D46B 20 KB
8 KB 50ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D46B 0
0 55ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaFlVM2gSs8CI_XF7PsqKiLt6Ms4awB_p8UNEiJsu1-8b_rvWL7jCc88dmYmgT1397fyy2vQKvSaJGfBfDLLQCeAd9xg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=280&adk=3898524957&adf=3175363789&pi=t.aa~a.340264598~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x280&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=2&bdt=1488&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0&nras=2&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D46B 202 KB
64 KB 97ms
91ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:34 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame D46B 37 KB
15 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC68
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Tue, 21 Nov 2023 22:24:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 92A4 5 KB
2 KB 76ms
75ms Document
text/html 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

97d58ac7d40861f4ba814dbf2b7001ff68d387628df318cde1982cfde0c20175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-CZK4Jud4PfWSN5wRUo-sEA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D98
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
57ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
expires: Tue, 21 Nov 2023 22:24:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame BDC3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEBAruwLeRO0_zUE_TrtBt4&google_cver=1&google_push=AXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEBAruwLeRO0_zUE_TrtBt4&google_cver=1&google_push=AXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7...

43 B
420 B

234ms
210ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEBAruwLeRO0_zUE_TrtBt4&google_cver=1&google_push=AXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: whoisip.ovh
URL: https://whoisip.ovh/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829c57fc595465d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 310
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEBAruwLeRO0_zUE_TrtBt4&google_cver=1&google_push=AXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFx9Vur1mG1thVulRORttNigh0bRaW3RetiN8JphPWGanU-jW2nGe-4SeJqFFhTp3ZjZ5Rg7cqM17OKwKvWhx4MPkmY_7Fy34%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829c57fae85b65d6-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDC3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHzxx5FGaOQ2uqKpelRmCHs&google_push=AXcoOmRcYwqttiGxJ1wolIhjq1ZD8aZKdVhqd22ACsWmFdlIE5oT6B31v3...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHzxx5FGaOQ2uqKpelRmCHs&google_push=AXcoOmRcYwqttiGxJ1wolIhjq1ZD8aZKdVhqd22ACsWmFdlIE5oT6B31v3MePfWpEDRsh0o8IB6O3V8BkpdJdrfUaGAkqUnbvVn6UA

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230115-FRA
pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700605475.030809,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHzxx5FGaOQ2uqKpelRmCHs&google_push=AXcoOmRcYwqttiGxJ1wolIhjq1ZD8aZKdVhqd22ACsWmFdlIE5oT6B31v3MePfWpEDRsh0o8IB6O3V8BkpdJdrfUaGAkqUnbvVn6UA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BDC3 70 B
149 B 182ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJ0XHhbL3QpLxD7yFSAfuks&google_cver=1&google_push=AXcoOmQyNADxb_2S0cbgyXSHsKML5eB5Io_BaC7UAJUMTAzev9dMYnNVdaqTtevPglJ_Xeplu483sD9pj0LTAxRPo3YhhoUA4Flb0rI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=280&adk=3898524957&adf=3175363789&pi=t.aa~a.340264598~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x280&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=2&bdt=1488&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0&nras=2&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BDC3 0
172 B 142ms
48ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPrvNfeckXMFdHZvJz8espQ&google_cver=1&google_push=AXcoOmRr9IztLl8CNBK0j4ee4cr-wIUcTc8NHB_tUKxhV7SBhO2xSfkaEKAH_2VcBuDFFjs8YryrXbOeNKUosUvn8nIDUpSx0R93q_U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=280&adk=3898524957&adf=3175363789&pi=t.aa~a.340264598~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x280&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=2&bdt=1488&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0&nras=2&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BDC3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHkd8RWIY82E5p2pvRiF8hY&google_cver=1&google_push=AXcoOmSsDi-tPPoJE1Yk5f6bXZXHfWIPryNAQW0l4ueWv5wlnNRxPruudtDhZJjLTO2Tb_u3aTf05405d6-HYW...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDA0NDg5ODUyNDM5NTY1OQ%3D%3D&google_push=AXcoOmSsDi-tPPoJE1Yk5f6bXZXHfWIPryNAQW0l4ueWv5wlnNRxPruudtDhZJjLTO2Tb_u3aTf05405d6-HYWrBZq...

170 B
329 B

50ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDA0NDg5ODUyNDM5NTY1OQ%3D%3D&google_push=AXcoOmSsDi-tPPoJE1Yk5f6bXZXHfWIPryNAQW0l4ueWv5wlnNRxPruudtDhZJjLTO2Tb_u3aTf05405d6-HYWrBZqz0O-b78ESo5kY

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDA0NDg5ODUyNDM5NTY1OQ%3D%3D&google_push=AXcoOmSsDi-tPPoJE1Yk5f6bXZXHfWIPryNAQW0l4ueWv5wlnNRxPruudtDhZJjLTO2Tb_u3aTf05405d6-HYWrBZqz0O-b78ESo5kY
Date: Tue, 21 Nov 2023 22:24:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDC3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDZ8-p40vz2i3w6M1euOacg&google_cver=1&google_push=AXcoOmR3zlTXc9fd1NLSCkmcNJOFwyTvDcvjaCM21OqJ-NHavLWeJ-nYoj2Lj2kK1E66o2iyHUQwxVzkYKndMqPpLCni1Tf...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3zlTXc9fd1NLSCkmcNJOFwyTvDcvjaCM21OqJ-NHavLWeJ-nYoj2Lj2kK1E66o2iyHUQwxVzkYKndMqPpLCni1TfROI7oiwQ&google_hm=eS1TcDJqSFBwRTJwSGZ...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3zlTXc9fd1NLSCkmcNJOFwyTvDcvjaCM21OqJ-NHavLWeJ-nYoj2Lj2kK1E66o2iyHUQwxVzkYKndMqPpLCni1TfROI7oiwQ&google_hm=eS1TcDJqSFBwRTJwSGZvQXhjSXU3VFBCWUF3OWRGbGNZcH5B

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 22:24:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3zlTXc9fd1NLSCkmcNJOFwyTvDcvjaCM21OqJ-NHavLWeJ-nYoj2Lj2kK1E66o2iyHUQwxVzkYKndMqPpLCni1TfROI7oiwQ&google_hm=eS1TcDJqSFBwRTJwSGZvQXhjSXU3VFBCWUF3OWRGbGNZcH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame BDC3 43 B
363 B 146ms
41ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQDCA2m1sAb1vHScJw7DmAYyjfB0JBcTpYnWlMof1cXT1yGXD72DF9TNRa5gx3bn6a9xyU-oPX_-bkpp6H88Uh26rSLg7U5QEk&google_gid=CAESELB__o861SXd-xxQMAxAjN0&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:34 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 184687
expires: Tue, 21 Nov 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BDC3 0
130 B 151ms
47ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ip9NsRA4wot22L20A0A2HyFk0QxtPPC7DMctVrezDtXGSbji-8ov93iOOSX5fyUo8kL6M8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame D46B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00966bdf205120a732a85907ba63f441a75af7486bfce8a30c1acce82045d721

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 9ECC 2 KB
3 KB 157ms
60ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gdgx0mss4qsajg7dmk6y40npvbekrzrfhew9p28w0n9gwma7pg9fw3epngx0qahr0h761yczqvh3s30vjchv9eqbj0mg9bzknfy2vn4f53b10ympe0bj20hvmffa9zrw14g2k8dbfg24f3gdk1kmnkxm53e9ehrq1wt3ppeg29dnahgvppetexw3j67wv5n0r6s9ffq6twjh2w2cy7xvp48hwzm6hcgztx8sqm6xwse97rmtzy5z5108t52z23xjj59fm5h6dah7bdebkjgrw1v50bqz1f39zjz3bc3ha3s6bxzjbpdc4brff9fzxm60xyprq754sx43m01h78r672g0d8p8k7qdp8gk9c93heq17x38hngp00qrw9wqyp91hxdxmstn6433wdgd2dmgmptmegtwnwdyp2vy3d5ssjcfj1qt9xnsr1wnsvym5t2zbsghba0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%26client%3Dca-pub-4420187193510992%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

422e4b105dd6fcb0049e004d4f00f0c751916a27f353d887a2307d06a4920923

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 829c57fb4d1e65ab-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:35 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C8CE 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F1D8 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C8CE 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C8CE 0
0 48ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRV5HtqUOXTtr-VV3NlivVYe3P-4ZlTXx-kMBAoZP2IKKo8kMWjDZWOLlVzEGkGr8FQGnTrq--aaGKCUveNCkLNhCxuCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8CE 202 KB
64 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D46B 16 KB
16 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 339984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 23:58:11 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D46B 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 349133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:25:42 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame A475 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
DATA 200
OK truncated
/ Frame 8286 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beaaaf5c829b5a4c07ef26820bef1bbb5634a7b3fc1e3502fc43ebbae9446daa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 85D8 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame A68E 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D46B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcrYcIi5dZd_JC6SJ9u8Phoq3iAyutOWXdJiQ76i3EsOw-pTeOxABIOrSkxlglcL-gZQHoAGk5rSjA8gBCagDAcgDywSqBL4BT9AyViWiI_0JG8Q70xTp_K2JQ1RvwxgW_Nz_YYrOseV_qR5...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224578340381892356950%22,%22debug_reporting%22:true,%22destination%22:%22https://brightdata.com%22,%22event_report_window%22...

0
0

74ms
74ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224578340381892356950%22,%22debug_reporting%22:true,%22destination%22:%22https://brightdata.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879571748%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217960013876586070449%22}&andc=true

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4578340381892356950","debug_reporting":true,"destination":"https://brightdata.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879571748"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"17960013876586070449"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Nov 2023 22:24:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 22:24:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4578340381892356950","debug_reporting":true,"destination":"https://brightdata.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879571748"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"17960013876586070449"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 330E 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8286
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGg6JIS5dZde3FcS_9u8PseGV-AKi86ORdLOQv7KpEv_Y1qq8ARABIOrSkxlglcL-gZQHoAHnvqasAsgBAqkCWemeMv5Msj6oAwHIA8kEqgS_AU_QOvj6yHPdGmNy2ZVTMIMxzHsJ1lTCgYo...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211591414436362053612%22,%22debug_reporting%22:true,%22destination%22:%22https://visitcyprus.com%22,%22event_report_window%...

0
0

75ms
74ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211591414436362053612%22,%22debug_reporting%22:true,%22destination%22:%22https://visitcyprus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22629776231%22],%224%22:[%2211-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214480356262269013057%22}&andc=true

Requested by

Host: whoisip.ovh
URL: https://whoisip.ovh/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11591414436362053612","debug_reporting":true,"destination":"https://visitcyprus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["629776231"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"14480356262269013057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Nov 2023 22:24:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 22:24:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11591414436362053612","debug_reporting":true,"destination":"https://visitcyprus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["629776231"],"4":["11-21"],"6":["true"]},"priority":"500","source_event_id":"14480356262269013057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8027 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
DATA 200
OK truncated
/ Frame C8CE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0067747551cf99cf104d5f859cf0f92e6b1744eb1aa3cae1d92f3a81610cdaa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F1D8
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELb-SVQo7r2CFOlV4epHbGQ&google_cver=1&google_push=AXcoOmQG7ixshkLlQmlvHSijYe2rLWCrbqgnMLZlqWSOJ69fV2ws-qUzpItghHPq6Y7yuqQl1izlvdh0lIo8sFUmUI-tSEkWBTGkp...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI0ODY3Mzg0NDc3Mjg4ODkwMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELb-SVQo7r2CFOlV4epHbGQ&google_cver=1

43 B
398 B

91ms
45ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELb-SVQo7r2CFOlV4epHbGQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 21 Nov 2023 22:24:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELb-SVQo7r2CFOlV4epHbGQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F1D8 35 B
463 B 150ms
42ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH17CRa5uByHO3581pMyJiM&google_cver=1&google_push=AXcoOmQIXyvL_78KsEZ2asbJaHsr72wgpw1xnSAO4qaJLKkL99oMOAwbQWccn8-vxCiGM-X02Hh7sueemZfJzsss3Ww6-WvyTQ8gPcU4ABjoMU9y1EFTLjSS7ZnOol1UWUmj3JVc-XZ63ncAO3YnhYxt4IbzpQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE5D_aOL7MLIYLCJbirV1ks&google_cver=1&google_push=AXcoOmTzvhXPxs0AwW6yp9rC7TJPnFJi_yuQHYxHk6azO5ScHX9tXhr4SKkZD5dGYFzjNO1u5_mdquxwrEFbhjqlnUd1oPQmTJZgUt...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B01D78437714D629E1DB696D7C0EF4A&google_push=AXcoOmTzvhXPxs0AwW6yp9rC7TJPnFJi_yuQHYxHk6azO5ScHX9tXhr4SKkZD5dGYFzjNO1u5_mdquxwrEFbhjq...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B01D78437714D629E1DB696D7C0EF4A&google_push=AXcoOmTzvhXPxs0AwW6yp9rC7TJPnFJi_yuQHYxHk6azO5ScHX9tXhr4SKkZD5dGYFzjNO1u5_mdquxwrEFbhjqlnUd1oPQmTJZgUt49PxCTjJsIS5aoZK7-PEBXOLkH2_BBiqM-kQhY0WbhwHtvLZ6re-NOq4A

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 22:24:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B01D78437714D629E1DB696D7C0EF4A&google_push=AXcoOmTzvhXPxs0AwW6yp9rC7TJPnFJi_yuQHYxHk6azO5ScHX9tXhr4SKkZD5dGYFzjNO1u5_mdquxwrEFbhjqlnUd1oPQmTJZgUt49PxCTjJsIS5aoZK7-PEBXOLkH2_BBiqM-kQhY0WbhwHtvLZ6re-NOq4A
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Nov 2023 22:24:35 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F1D8 70 B
148 B 59ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMGnGGj4cAmZwsRoBh9m3I0&google_cver=1&google_push=AXcoOmSxmsA9HS8kprV_uumErYwA03gyjQEPgAuSXLuP8mdOO2lClsA1IGxM7xPz8vcoX6v6h6cuU1tGZCUJuSOoCjwfVtGsrkYBFjXQVT-ftv8HsbQ8QEk1-r4bgMqlVbhwWLkjPPC85sZC7EBsoz9l-DjrwtU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame F1D8 43 B
146 B 185ms
40ms Image
image/gif 3.123.247.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPL8672m_6yxWe9Ovi2uWYU&google_cver=1&google_push=AXcoOmTRXCMX0bd-7PlkcxCKrVvQlCHMb-_6EoffJ7Y_vCF_C2bwupEwfk0bUo3Mxg-vRqiy5bGG65ttBzzxzrVC9YBv3dF6dRLOGrVq1eWpd7cHm-UHF7AI85mvgMedVZEGN04xS3qW3tHjgsT0CNBMmrSV9w4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.247.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-247-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFL2lfcK8Bs52h1oKzPXMMA&google_cver=1&google_push=AXcoOmSHD8vmSeNb3m-YTZ-U3vFb3pe2x9IJzkaGjBJcyWUR2GSPxHgGBov7KGpNpnN9lvhOxqXbEOM1q2mXUrA-BbYJY50...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHD8vmSeNb3m-YTZ-U3vFb3pe2x9IJzkaGjBJcyWUR2GSPxHgGBov7KGpNpnN9lvhOxqXbEOM1q2mXUrA-BbYJY50PlUxcpzq2NFx1rWHaiH1wkuFAFtmN_ts5Ed7de...

170 B
188 B

57ms
57ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHD8vmSeNb3m-YTZ-U3vFb3pe2x9IJzkaGjBJcyWUR2GSPxHgGBov7KGpNpnN9lvhOxqXbEOM1q2mXUrA-BbYJY50PlUxcpzq2NFx1rWHaiH1wkuFAFtmN_ts5Ed7degMc7Lm1ejAef-E3cnOQanCn99M&google_hm=eS1ScHRsU01KRTJwRzRfNEtCaUpRSndvVW1mNUJiWmxPRH5B

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 22:24:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHD8vmSeNb3m-YTZ-U3vFb3pe2x9IJzkaGjBJcyWUR2GSPxHgGBov7KGpNpnN9lvhOxqXbEOM1q2mXUrA-BbYJY50PlUxcpzq2NFx1rWHaiH1wkuFAFtmN_ts5Ed7degMc7Lm1ejAef-E3cnOQanCn99M&google_hm=eS1ScHRsU01KRTJwRzRfNEtCaUpRSndvVW1mNUJiWmxPRH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F1D8 43 B
362 B 40ms
39ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQJJgxKEpVq7TA2_ccgz_J99AI3IKyHSvFjcvdPZV-fb6OHvUTdTipZwiveBtX9rp1btSggexe5CuP7K5RZuzeq5Ah6hsw9v1d3eKbeP-dLYJR2nlrH8YK5_IEzncm4jMcL4X3fd9L4DVE2bWo8pnymxQ&google_gid=CAESEJziZa0qoGVvTsK523-ep04&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:34 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 190658
expires: Tue, 21 Nov 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F1D8 0
40 B 53ms
52ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrDxZAL0Y3X7qEuHkD5qHgvAf0RZ8TlxY4-5WE3TAWjH72TYAUwSpR8_XOrvZqLxxeGIHB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8CE 0
19 B 84ms
84ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV9ttIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEuQFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb65E3h05nZLKCINCTGQzLrfXmy4E-GtFGjqw3Oqj2PAGmVolFVPvoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0MjAxODcxOTM1MTA5OTIYAA&sigh=z7BRkEM2834&uach_m=[UACH]&cid=CAQSOwDICaaNJddfohFttStYwQmBpoAMi5bmcyvK4KyoNfGHBEbzhNOMrJe3aXQl0e7eFgrs0WLGTz82GMSfGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 22:24:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C8CE 0
103 B 157ms
50ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h7hpg7haavmc60j8w2qqv99etdyt56g2aky4h1vrgxcwaem7ffxbrrs3e1b3s9tzxdtt7k3806be61pv0xqtrgph1svggx25nc2f4dxnbbk06rj6febng7xt2jmh2ardj84nrrzm6e97s457xdatwg4yb35pem2084k3fxxrhhyrr7a3zmgwnggsefs8nkwrzexbkddcmrddv5gj2sjjyq7yzr65qkfn26ywkx5dmd3j4tsfwtwvdkr5t4rcm1wy2ereqmgw0r6wwh6ssyc0n54fpvamc8rwbx63gsh931jtsxvy6s9mcjcmtat3jaqfkj7bzxg8q78rsjqtb72m5k3djdazzfrtkzpr8249y2hqb8t1mesmr0kyfwbxttksncqfq7vdt4bvzr&b=ZV0uIgAD5C0A-SMVAAxCL_N-XCRol3FZfFXFDw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420187193510992&output=html&h=90&adk=377016393&adf=2827832974&pi=t.aa~a.340286943~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1700605474&rafmt=1&to=qs&pwprc=6520324876&format=1110x90&url=https%3A%2F%2Fwhoisip.ovh%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700605474141&bpp=1&bdt=1488&idt=0&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D171f2bbb16870f25%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA&gpic=UID%3D00000cd6b7bd6d95%3AT%3D1700605473%3ART%3D1700605473%3AS%3DALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g&prev_fmts=970x90%2C0x0%2C1110x280&nras=3&correlator=4215663781781&frm=20&pv=1&ga_vid=1287855531.1700605473&ga_sid=1700605473&ga_hid=1837584075&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C42532524%2C31078301%2C44806141%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&psts=AOrYGslDga8YBQffyJLwmRZEE0KrIdd9yHNpjtbI3NSLPDbPooATuglSKW8YS8MsQ4z5sXQ1RNfxhpWBuOuU0XUvZe84aTyQ&pvsid=377681773448286&tmod=2082065147&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 22:24:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9ECC 115 KB
14 KB 54ms
50ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gdgx0mss4qsajg7dmk6y40npvbekrzrfhew9p28w0n9gwma7pg9fw3epngx0qahr0h761yczqvh3s30vjchv9eqbj0mg9bzknfy2vn4f53b10ympe0bj20hvmffa9zrw14g2k8dbfg24f3gdk1kmnkxm53e9ehrq1wt3ppeg29dnahgvppetexw3j67wv5n0r6s9ffq6twjh2w2cy7xvp48hwzm6hcgztx8sqm6xwse97rmtzy5z5108t52z23xjj59fm5h6dah7bdebkjgrw1v50bqz1f39zjz3bc3ha3s6bxzjbpdc4brff9fzxm60xyprq754sx43m01h78r672g0d8p8k7qdp8gk9c93heq17x38hngp00qrw9wqyp91hxdxmstn6433wdgd2dmgmptmegtwnwdyp2vy3d5ssjcfj1qt9xnsr1wnsvym5t2zbsghba0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%26client%3Dca-pub-4420187193510992%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gdgx0mss4qsajg7dmk6y40npvbekrzrfhew9p28w0n9gwma7pg9fw3epngx0qahr0h761yczqvh3s30vjchv9eqbj0mg9bzknfy2vn4f53b10ympe0bj20hvmffa9zrw14g2k8dbfg24f3gdk1kmnkxm53e9ehrq1wt3ppeg29dnahgvppetexw3j67wv5n0r6s9ffq6twjh2w2cy7xvp48hwzm6hcgztx8sqm6xwse97rmtzy5z5108t52z23xjj59fm5h6dah7bdebkjgrw1v50bqz1f39zjz3bc3ha3s6bxzjbpdc4brff9fzxm60xyprq754sx43m01h78r672g0d8p8k7qdp8gk9c93heq17x38hngp00qrw9wqyp91hxdxmstn6433wdgd2dmgmptmegtwnwdyp2vy3d5ssjcfj1qt9xnsr1wnsvym5t2zbsghba0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%26client%3Dca-pub-4420187193510992%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1352600
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iIgf3uOuIL%2B3bo6TJI90YTk7EGSVG8JNer44t69ZVQYvAxjLJwUIrPvGtax6eEz4reBmOZ3eVvGJoMXrdG1iG%2F9guq3%2Fjl7YSed8bpwrX4kqw6Octur%2BWcVRWO%2FGn2QInKLT7NWJRE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 829c57fc4dcc65ab-FRA
expires: Wed, 22 Nov 2023 22:24:35 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 9ECC 25 KB
10 KB 71ms
50ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gdgx0mss4qsajg7dmk6y40npvbekrzrfhew9p28w0n9gwma7pg9fw3epngx0qahr0h761yczqvh3s30vjchv9eqbj0mg9bzknfy2vn4f53b10ympe0bj20hvmffa9zrw14g2k8dbfg24f3gdk1kmnkxm53e9ehrq1wt3ppeg29dnahgvppetexw3j67wv5n0r6s9ffq6twjh2w2cy7xvp48hwzm6hcgztx8sqm6xwse97rmtzy5z5108t52z23xjj59fm5h6dah7bdebkjgrw1v50bqz1f39zjz3bc3ha3s6bxzjbpdc4brff9fzxm60xyprq754sx43m01h78r672g0d8p8k7qdp8gk9c93heq17x38hngp00qrw9wqyp91hxdxmstn6433wdgd2dmgmptmegtwnwdyp2vy3d5ssjcfj1qt9xnsr1wnsvym5t2zbsghba0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%26client%3Dca-pub-4420187193510992%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 570660
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7649KEUgZUpDm9BclFa4Y0%2FAxEoAQM%2Fhz9OyqQywr5jIH7M4Ll3Jm47Yfl7hgtkaaScaUXHetuwJ4lLyKaNz2jag%2Bk47ZID7c23ApSDWMwmZlPmRzazjLaoKDdvhtZ2TtqUHPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 829c57fc6de065ab-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 07:53:35 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
74ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 22:24:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
75ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 22:24:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0923 42 B
64 B 158ms
76ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqAnP1wVVtlu0oF8qKQDr_2YvzECgM-yQgpuDHkUrDMOt6auwrsomVRbAG0WeR_ZmmSBGC6FzfNqGeYZdHs2t3irzEyqcqQbdlVrUbp07eQSIWpG9F2dNdQQnaZw9_6S7b0UY40cml4I94&sai=AMfl-YTyGprLIrAD18D_wiHC1guMD7kTKP6fQtf4XRjj-QQmT66O9-xpcSrJ4jVW7I4yr1ynDdIfy3IR-bxGhwFownrNpDKsaDgdtdTDHcR4RxROAyGVlVf6VRAA5GL7kPwlPZnbRTEUj98Vh0frwgcO&sig=Cg0ArKJSzK9NptxX4hVYEAE&cid=CAQSTgDICaaN-t-_xr5nIwFdQb_tAK87912ZliB0x3c4KuT30efp8GEWQ6lJKV2FCSkNvAJde0SImUwkSe1diyJLn67BxMQHLHi9D5LUPBAY5hgB&id=lidar2&mcvt=1034&p=0,0,90,970&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2855005393&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700605473284&rpt=904&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9ECC 350 B
905 B 160ms
50ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122723
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV6oxV4ishYiflEiz1hI0RkAY5vHNA4hoiay5JFE%2BNfKeUvIIX%2BRwbsqFFts6omoW7VScOXa0FBFAer2oSisqQl1QhRh45BceBltgtvOFhGLWqyQ5hHO9cf%2FVYhlFhusKCwwxFPJ3vUOOtWYfZJBiIr6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829c57feeb291e56-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5C34 2 KB
2 KB 51ms
51ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1015771
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 829c57fe3c3c3a73-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 22:24:35 GMT
expires: Fri, 10 Nov 2023 05:08:36 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gTbV4mNNKeQ1hZQGeHylyynZx0WnRaZqtMc0T3LeukhRrytitxeR0J0iSRcC1INIXeJ8vWqeBdjKZ%2F%2FcmbK8X5XdpZrmLdUqwHmXC58tpw2aqyOsQEJqpPAagim%2BdGBMcluviM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 9ECC 1 KB
2 KB 65ms
65ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ca5db4705d554b485b293e43b5db34c944a0164f25b5ea608f7e3e83819dc4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYHXap6km2M4vaIYzVPKgmyucfZdic9paXxIABtvOVTlyNnVokwPR8KepxY6IC21X4jpjT8oEe7WsvDbUsXrheugtSDapaFfPZrJ%2BIG3wZLF6BVrbysT2IWZ1T90z2LGuulWmXs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 829c57ff4dcc040c-FRA
x-backend-server: aa-reachservice-group-europe-west1-0399
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 106ms
63ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 829c57feed7d040c-FRA
content-length: 24
content-type: text/plain
date: Tue, 21 Nov 2023 22:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSjLidYL5VKPkXFLf%2BmprqtjHOkQ1ZcFh0kRdSVx3oxw1%2BzQvJaZ3ogC173OeeExchxg22yYBf9d5D1iHqR52Ms%2BW%2F%2FYHMFOvNkGEfUyhJBdfgHpsEY2QlzFzksWyZ0BYOrvgns%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0399

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 89ms
88ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8bafb2241cd72813215325fc56a3a03542872a6e6b4afed6f6249fc460eca4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12219
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 54DB 10 KB
4 KB 63ms
63ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

905c9221bb1d2577365470ecc575e6ab0a05a36f0e5fc84a8c64ab81ed2b0653

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gdgx0mss4qsajg7dmk6y40npvbekrzrfhew9p28w0n9gwma7pg9fw3epngx0qahr0h761yczqvh3s30vjchv9eqbj0mg9bzknfy2vn4f53b10ympe0bj20hvmffa9zrw14g2k8dbfg24f3gdk1kmnkxm53e9ehrq1wt3ppeg29dnahgvppetexw3j67wv5n0r6s9ffq6twjh2w2cy7xvp48hwzm6hcgztx8sqm6xwse97rmtzy5z5108t52z23xjj59fm5h6dah7bdebkjgrw1v50bqz1f39zjz3bc3ha3s6bxzjbpdc4brff9fzxm60xyprq754sx43m01h78r672g0d8p8k7qdp8gk9c93heq17x38hngp00qrw9wqyp91hxdxmstn6433wdgd2dmgmptmegtwnwdyp2vy3d5ssjcfj1qt9xnsr1wnsvym5t2zbsghba0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%26client%3Dca-pub-4420187193510992%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 829c57ffbde33a73-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:35 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 22:24:35 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 54DB 115 KB
14 KB 58ms
53ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 746592
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kbWHbLZ2VB2xuV953ypPERN1NyfUklkQzjkP98yAjd5XGV%2Fq9yWvVZU60WQHcTuZDBA9vTunjScM9gbV9M71OOoxgcIw7mB6gL5%2BX9ghLVWMVkQIOAHkhRq9XhnS7wf6wOP0%2FzuwK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 829c58003e493a73-FRA
expires: Wed, 22 Nov 2023 22:24:35 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 54DB 8 KB
8 KB 68ms
50ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10113
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAJ1P5Ck1zeoqjYUUaU%2BWQmBEWP0W88FA9bxqqkC0yU0kKJTfjWxdaZZXZw0VlXAgJDMnXaOUwbNjGX4%2FEYnDMBxbcmtmoAX2iFOxi9P%2F3xL6R9nOYML0a8B1zzMoT%2FXLU1dSk6uM7JWMNYO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829c5800491265ab-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 54DB 11 KB
11 KB 68ms
51ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAwQ%2BQCAqc%2BRoIm5j%2FnwLUOKFem%2B07I7XMURuU64JTFqL5WPye3Zei3Fol1zJc7KuncYU6j51UlrKhgtcbzWRFMcDWEXOerlvKIjrRprddBYEHUUPB1Odhf1z0rnvaSEUAUy825IpvcukPHO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829c5800491165ab-FRA

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 54DB 7 KB
7 KB 70ms
53ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5314
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BchJfbQ2sZIubpL5W1J7DVfKQrYK5tYgMv3MMUpAkVkQIAnAwPVBJH6FzgySNt3zyhv8ixWYkwbVa1wGc8nxt50c1g2wRzBoro6mYiz1RV0QYbzlHyAcRhD%2Fwz2iCwz%2BKpiBKELKXkVlSzv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829c5800491465ab-FRA

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 54DB 222 KB
222 KB 70ms
53ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7701
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 17:15:02 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvAQi4AEsQEAOwfbRnBgQ1VBmRknhcfnJGZg661IRvJYzYlZEH3HMaorKZV2gUSKas8h%2B8BatJNIPAky5PzT%2Fx1U5zZeHoz5BiIzv6bNzlra0B0KFw9P4lhMqsNa7M7k%2Fs6%2BuiEdG7uhTlHv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829c5800491065ab-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 54DB
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1700605476_c086e840-88bc-11ee-92fe-22394270969d&insert=AW&&gdpr=0&gdpr_consent=

0
495 B

155ms
53ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1700605476_c086e840-88bc-11ee-92fe-22394270969d&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:36 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 829c58023a779211-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 21 Nov 2023 22:24:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1700605476_c086e840-88bc-11ee-92fe-22394270969d&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 54DB 4 KB
5 KB 65ms
49ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9472
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQah1kqEL65KBDbyDzq%2Ff1%2BfOlHIDZf8WEsjH0cPR3dZuKJ1QolnUp6c2UUYH9wIdr8B5XK9TDfHGpA4E51KHIIyXj3d%2B5QGv%2Fun%2FBTDCC6ApFMMyZpUvpM%2BPeF0gm3LxSHbl1V49GpONtDr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829c5800490f65ab-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 54DB 15 KB
16 KB 105ms
90ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 934103
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p%2FKMXEAAtf1zRYLKwe5vbD4TYXk8mt0MuRajRABonPZeUUduMqZQRqDKZZqH5Pp5fZq%2FiLiXGjJ89anS4%2B64Dr2knxdEuXXLmFP6jslaMAvo0Vily2Qzf6lj%2FhSkRtyfunUm1I6oZvl5Gc4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829c5800491565ab-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 54DB 43 B
704 B 231ms
99ms Image
image/gif 2.23.68.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-68-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 22:24:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F4E8 13 KB
5 KB 44ms
42ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B133 829 B
561 B 54ms
53ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc010061646dd6394b9dde1884cc666ab0987361af52e3460024e2bec1246f4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W6CdCIG6OsfKTmx8kaMu3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://whoisip.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W6CdCIG6OsfKTmx8kaMu3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 22:24:35 GMT
expires: Tue, 21 Nov 2023 22:24:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 429 link.html
track.webgains.com/ Frame 54DB 0
0 186ms
54ms Script
text/html 13.42.237.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ggm1c0zdc6aw0hpd0vn2k0s5nacp6rrv3mh8qgrbp6k4jhqtmgnr51f5s121y99fran5pj8xmdc75ca3fs7w32jxyjqb3cxq9p0g0f1x08np6xs7sbckxw3qc53s8mvrhtdka5w10t1g1ygf1fr6njjypg7rj59bac4mpxy939gt77v3mgwjy9x9e2f4wn5yhqy42dxgkwby2ed0ptjs3z2xf1he0npsz16pm24tg2rmt2v8c74bj2y56b2d6xcnw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%252526client%25253Dca-pub-4420187193510992%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=046443b6de5647e314ee53637ac126de%2F752040053302790000&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1700605475727&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%2526client%253Dca-pub-4420187193510992%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.237.35 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-237-35.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:36 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B133 0
0 74ms
73ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=377681773448286&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame F4E8 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 20:25:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8286 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst99lfEbC8Ai-VyVMCRI3ussSnJVWK4ypr-DK91q25dIzPVpSVsxetPAjyXB5Zx7aa0vg28SYgoKR1b5lfj9duV3NmGdzeS5514Nzl3GxpDS7DSIp3TGHWTpoQTIe9HArt52y-ETLY-4LcM7V_QsgQF3DTcg23_bnjv0wv5aKmps9fVr5OldvgiJJX0Xh7gTJQMja-7mtji7WUWPg60x8_5jJkLqkp7FBFMptwvJVL5Eo4PKeFOfDovrXk5DHMB9BoehBpDFcgzPshjIAzB0wOAfwCbLvWrJjfogKr4vY-jDHUReYqJhwiL3n3xrhZoPCFdYPeVZ5M7jwF7X_GMmjxvMqVPpKnKlaNDzbW-Vzq5UbQozP2H97Ee5wsh-ubUEjWm-QFeK0lqB6NZfPxOo9vCZJrLUquh3ZyLg4MLJu50Z4hgOpXSIl4xXil7p3asTHfsNiU84O74_MKuCFRs2dTY4_YaOuFNL8sgtw4rzbq-WNJ5sVFLBsTQQwghwE7tmrhgWW84m4bjvuuxCl5qtjonEmF8unipLGagf6-apSYd7Thh08IWNRxxdpOE9tdZTCNaBoqQzRTBRTo4rOf_zAJeuhF9u2Y5L0j3o2cXrfjvw3mzD1GJ49hyX6VA7UCprHOOhSkqe3EwS4cwBt6ANMm-mrIFOavWsKyQu0d66Z8pRGDhzvb0Toxv57jQNJ_xLZJkZ-hS5tAl2NRQt_Ac_879i4rwFXZrD29CC4Vga5hRDK2nufYWn7YT6zS7eNhnh1hmMPeSc-HoEKKIIEcAWxgwCvmehZdlfnBhJLnuJrZivYs7kKPUKz9SFciNBKAaS50JPfkZTVvM2k4CVDuKRk7G_w4pDcp08UgS7yLbx-ZyRv2___4wixOy-0LduHuV_1FqWoyC4uJjZ09woUT624WqQ5r3yN34W0DomVN31feZCRrh6PvAIvM8FkSgoK9_lYAdqgzrQtDy_csDlScgpotQwQ2dyB9Nncr9ScA3HCi50-j4jZxr7994uctX5BuAyJNK-kKicYDUOGLVD59V7dRX2l_B9ybJbMXyLR6_eSITMP_U5FtTK7M02rNlc_4a2PvIqJ09mhbVk3a7Bq4Xqm1o&sai=AMfl-YTy4CY6AUbCgsQdEU8SoeMSpEpKl27wX6h-SCReVHQojrDC1_5smtQGocXgNwwq1w4LWJiwpZcSAjGd0kyGV4ivBSq9alHI_HtRGijpycja-ME01K3ZvpMPKa_UqnEMJGMAJ9kJPz8_HY6CO1ou0eAwZ-wLzr-Zjt__fSE&sig=Cg0ArKJSzAcn2llwb5YJEAE&cid=CAQSTwDICaaNmqTOFQkXgHbn8ale-DBDFwZnhGepwQgTgrjRwyEUQFNHmdsHS4ql2LFE5Jw1ZTU44piM19gm4Uqm_cfS9tiQyYQhpYCiHUQnV1sYAQ&id=lidar2&mcvt=1005&p=0,0,600,160&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700605474363&rpt=341&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 22:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F4E8 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vfELjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:24:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=377681773448286&bg=!wsGlwY7NAAZxrfrxUa07ADQBe5WfOCkdBcLLBxPvt37A5sH9D8JZ0McXJTaex3NFSm2ktxuh3f3wZzawRYhBpcLWAKTqAgAAAGNSAAAABmgBB5kCv3gcLYZC9BQoPPNSGXDyrU-dxufS3wwV0Uyp8l47Eo2WNisF0Ae0hzUiTMEKmLZ-w3eZxg05CVGcftV2ZvCVLhJUGdnYasXEt3-M05aKk2Np3knejx0eGzyYmofqteyfXCGDO69UGfej1jGXHAJMFFvePRr6P192FwnVQVHLAMYgZqpY7NQRUoZvEPeHSnBF99v_hI8WGdKr-aM7tf7gY8Yk4behVGGeBG5rY6Z74pRBEPHOAXOjkaPhEZWBguXmWyw2vTIKmbad1iJwhjaOU4_W4p98KWBWADaAE3QaaLL1y7AobfAtYGJW0vzjsspGEvUmixw4zEMPC3kmolrpRCTN6RcCSeapFRI0bZoinGkM-woj0eGE2_s0JjLL7ujPvgKbLdy0tw8tTomWbNenllYUDs1jDf-vhV1Mvt1xP-4gEgI7mRAJnnk1zU5VhSwy-n8Im88tgDQkbYVTwAQns-L_NfMXEB4knZW9O-x0ac2o6G4od6CJnuIsbG12M8eN1bM4hc1CPbT2rZkBV9JrQd9UeVh5aOWtdON0T-Gnv7dainmkgqwtL3U5-YhScF1oaCog49fm_iuITOnervWsdEI4c09v2iImD1rAuRuU7tX-xPhNfcKP35apUu4nc102wxnPc17MlQcCpmoDUlFW_mmMvzd-Bun7smBUsFc6Q2o0cBwaruW7giez9aQ9atiFPWrC40SPWa53Ez5NokyxYI97fxRzqnksgCCyYLj3jT9XWmV7XLExWCKaKHfxnhVQQkEzXs4wrJfgW2iSafqOsqGK7zvcjNoAUpQVRg9WHmR1utKhPqaibqRD1ghBPDMw_bbbEQXkb3B-Xr7x-jndvUgtMZ-Qac9euVOZXhY3T2amN5xw9hrFNzRL3Auxkhr-REMtd9EDKNFomoWGLS7UpiffekaaMBHhCPnqJ8i0OKc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whoisip.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
whoisip.ovh/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: T1Vny8EdQG89XTgFEbaJtxlR91t_qr9sztoWbxP-N__FMu3YWDtyctMHgS8Syv7CHXD_2aic-ixdBjcI07RmkoP9o6cskKrq8ffRhYLltAo1
.whoisip.ovh/	1970-01-21 01:59:25	Name: _ga Value: GA1.2.1287855531.1700605473
.whoisip.ovh/	1970-01-20 16:24:51	Name: _gid Value: GA1.2.1151456816.1700605473
.whoisip.ovh/	1970-01-20 16:23:25	Name: _gat Value: 1
.whoisip.ovh/	1970-01-21 01:59:25	Name: _ga_9EMH4TSY6K Value: GS1.2.1700605473.1.0.1700605473.60.0.0
.whoisip.ovh/	1970-01-21 01:45:01	Name: __gads Value: ID=171f2bbb16870f25:T=1700605473:RT=1700605473:S=ALNI_MYD-Uhc-6D90dxjSlbkFxWP2McYZA
.whoisip.ovh/	1970-01-21 01:45:01	Name: __gpi Value: UID=00000cd6b7bd6d95:T=1700605473:RT=1700605473:S=ALNI_MYtW0XEB6hFe5ZZ_SBCliSUHvHR1g
.doubleclick.net/	1970-01-20 16:23:29	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:33:01	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 01:45:01	Name: IDE Value: AHWqTUnwIfrKidYLhbX-XYw0hgIULcPjkNS2BqgtYSAg9x-_p5Zf88vaTyGDVLyHYbc
.blismedia.com/	1970-01-21 01:09:05	Name: b Value: 655D2E231605A45E47462303BLIS
.adfarm1.adition.com/	1970-01-20 18:33:01	Name: UserID1 Value: 7304044898524395659
.everesttech.net/	1970-01-21 01:09:01	Name: everest_g_v2 Value: g_surferid~ZV0uIwABYrL1DwBd
.yahoo.com/	1970-01-21 01:09:23	Name: A3 Value: d=AQABBCMuXWUCEPhy0HtR04yLqhfieKxx6XEFEgEBAQF_XmVnZQAAAAAA_eMAAA&S=AQAAAo8fzKewnO2xEi7vN6dASuE
.quantserve.com/	1970-01-20 18:33:01	Name: d Value: EA8BCQG9KoEA
.quantserve.com/	1970-01-21 01:53:39	Name: mc Value: 655d2e23-384c3-10bec-25388
.simpli.fi/	1970-01-21 01:10:27	Name: suid Value: 2B01D78437714D629E1DB696D7C0EF4A
.tribalfusion.com/	1970-01-20 18:33:01	Name: ANON_ID Value: aantuJx2eNlSE0U7atv6XHlkmuoWMjcSbaH4vW5mJZd5qfAg8ErQUvGRRpwoHdwpkTaDZcWNZavQmVa5YNqSAUma6yj
.turn.com/	1970-01-20 20:42:37	Name: uid Value: 7248673844772888901
.awin1.com/	1970-01-20 16:27:44	Name: awpv11354 Value: 412871\|1700605476\|c086e840-88bc-11ee-92fe-22394270969d
.awin1.com/	1970-01-20 16:26:18	Name: awpv14702 Value: 412871\|1700605476\|c087f9b0-88bc-11ee-92fe-22394270969d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
www.conrad.de/	1970-01-20 16:27:44	Name: HTLP_timestamp Value: 1700605476207
www.conrad.de/	1970-01-20 16:27:44	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 16:23:27	Name: __cf_bm Value: qM_l7E8_Y3AtqAiAD0xJhrkS2yRO97rSQ7HX9l1BBDA-1700605476-0-AfQYx8tGGbuuzxSuX5R5RLnjlQQ+RWm4UxwL4rQOgkNMwyX2XSEgpMyfSE3FsglkGnNa5N+0HSudxWdG9E2VkBo=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ggm1c0zdc6aw0hpd0vn2k0s5nacp6rrv3mh8qgrbp6k4jhqtmgnr51f5s121y99fran5pj8xmdc75ca3fs7w32jxyjqb3cxq9p0g0f1x08np6xs7sbckxw3qc53s8mvrhtdka5w10t1g1ygf1fr6njjypg7rj59bac4mpxy939gt77v3mgwjy9x9e2f4wn5yhqy42dxgkwby2ed0ptjs3z2xf1he0npsz16pm24tg2rmt2v8c74bj2y56b2d6xcnw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jdekgam507gr24wmw7nx6jgseztxa7858hqdnvywv31hrdzn01ggerhcbn63t05xm6zqgx1ctjwc1tcnt9x6z5ba6aw10yq5fv3062cz75sqbyh2f5s4fyy8zrqvr2w9z5n6psf73bbj5f8vsrssqhaxqqyc0kdn9ja849eq37fgn7nfnxgh7fcnz39gy3d876zy17vdkh460fxv9yts5s7f6rjqsjk76yvfzx2yden2sjra54ahbqbs8fpwst9jxba6wacyqp7wsmmrary6mfr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-pouIi5dZa3ID5XG5LcPr4SxwAGQ4YGEXLaoworwAsCNtwEQASAAYJXC_oGUB4IBF2NhLXB1Yi00NDIwMTg3MTkzNTEwOTkyyAEJqQImacesD1CyPqgDAcgDAqoEvAFP0AWIDbIgwAp6KtsgyWlamTGMbvURx9BGrSMtOVq-2lJjn0SigfvWDJJkyHPrXXmQVwwi7rWk987iWJc6yZrOade-RJfkiXeSSyTPvHNHHmnxZRBf8D0m1de46TuAsgY-BnnATs7poy0S8QHBKQj1Ln5sWzdYpDgnUn43o_GwXGabbOwprWAe5MKzYQ0-u9mTNb77EVnmMY_MaOqKQadKhSgtZ3iyvuuDDLVqATo4d_feNn29SMoPdhsVi4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1NtlUEu-neKe2x47d1QTdtOBhe6g%252526client%25253Dca-pub-4420187193510992%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ad4m.at
api.ip4.city
as.ad4m.at
assets.ad4m.at
cdn.where.ovh
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
p4-aqbk7ayis4fkc-re6ndzyjqfn5kz57-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
stackpath.bootstrapcdn.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
whoisip.ovh
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.42.237.35
142.250.185.162
142.250.186.66
15.197.193.217
151.101.194.49
178.250.1.9
2.23.68.89
2001:4860:4802:34::36
216.58.206.35
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::ac43:4a81
2606:4700:3033::6815:59f2
2606:4700:3036::ac43:c01b
2606:4700:3037::6815:4109
2606:4700::6810:c0cb
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:acf
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9b
2a04:4e42:600::649
2a05:d018:d29:3602:b34:3da1:cf11:a756
2a06:98c1:3120::3
3.123.247.10
34.91.62.186
34.96.105.8
46.228.164.11
85.114.159.93
0067747551cf99cf104d5f859cf0f92e6b1744eb1aa3cae1d92f3a81610cdaa1
00966bdf205120a732a85907ba63f441a75af7486bfce8a30c1acce82045d721
0b0508d8ce769df096815028f86f4d81ffd3b5d9639e3fe910b28357a4cbd91c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c218b9600b19b3d10bcb88fa3f42b11caa2a304a21cf1157629882c5d5c3b17
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c95d3dc0b11b9b566cdfe025ace743ccc6c4bf6ebd6f7286c58b06a3d1daae9
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
17863c09b9c2c8bb76b626b2d594fe829116afd1a32919a7b3a29c4b8f64f470
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
21e2349686b7e697ee0f1a996c68505226660f60b2c2fd7f6ddaa2ca9196e3aa
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26837b83c678fe62f1b525dc2688fba3517c5f7f4a07f4b1b76f0c10db789b6e
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d12ef325398950232a9ea544abbea3b8ea75e6d939e009c9650dbd9348e0f22
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
4038bc0f0b531b5ef4c8b0b82792449b1945587e4fe30a65a148c2b9e3c588fa
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
422e4b105dd6fcb0049e004d4f00f0c751916a27f353d887a2307d06a4920923
47766ba3fc1fd86f1e5464627e3eb6cb377f4b81a3b3a63dd70d8958836352d3
4798703a3ac26f597595c1da6fe3e67fd0bf5a5e4be87239256c61dc3272097f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6407295926c0d149c5c820683c17b8e3480d2f5f02d18bcfdbb98196afd63ec4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6d9136bd6ca7926a735ef7b05650df601e0345cb1d35833738b7f0f062d0cb53
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
7193ea5654497d2356d0a690e3e50f39767fbff4335e57a3443c1435d648a1f2
73b8057c918765ed1a41c6ca23e2c0530b51d396e12ce63071297c5a04178504
7837e6654e2abc1d842874a9a9be1d517dccd8046602006e8016afac882db884
793b876b88b6b5bfee9ee822653270ececf300c3466a3b940369f1d14e6e5159
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f11e112e0a937df7b3f115ed3a87713d628dce86c247190e7147445252d2ee
862f5fb6da8360b6b8b295fafc5b7736c99513ebcb5e829e3755ac9481a7e63d
887f108aff33ff425e7dc9fae18e1e1e0b3bb84067defb3c737662cc66545c6a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
905c9221bb1d2577365470ecc575e6ab0a05a36f0e5fc84a8c64ab81ed2b0653
97d58ac7d40861f4ba814dbf2b7001ff68d387628df318cde1982cfde0c20175
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a064df123f1dff818911f2dd639af670a8a943a1d4ee7c5c23f31b216f88a72a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a4ca5db4705d554b485b293e43b5db34c944a0164f25b5ea608f7e3e83819dc4
a86dbcea9c72ec11bc2d2b2bab7224cd74cc058126f5e4b50945da5b038e26c4
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b07a63b8ae98fbcd00d5651a251a1506de80b4e9d6600107c81cb8e471f8a545
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
beaaaf5c829b5a4c07ef26820bef1bbb5634a7b3fc1e3502fc43ebbae9446daa
c6b461e28398566c5400381c27546e3c6d5e6ea790d53afa6ac2c64148772ac9
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c8bafb2241cd72813215325fc56a3a03542872a6e6b4afed6f6249fc460eca4a
cd5525bc887734465161af57feaa4d63c3f5681cb477816b23b6e17d94995707
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df874efb2ef39fb3b7ef9b208691bd23c651a4f82d08b3aa6e6b37bc0c1c48b9
e31a3d0e11e9deaa6c8364d6d2c7c1a9eec20d79bfaee6a3950deaaacdbbfb10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f82faf948dc7884eb13e28121bb45ad7e121d0209672608115bb4b31d92384
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fbc35c6b9f0c8df77c5094917473ea8852ecfa1f0df0b67164dcc3ee526b1e51
fc010061646dd6394b9dde1884cc666ab0987361af52e3460024e2bec1246f4c

whoisip.ovh Open in urlscan Pro 2606:4700:3033::6815:59f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

93 %HTTPS

68 %IPv6

32 Domains

43 Subdomains

36 IPs

7 Countries

2012 kBTransfer

5492 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

whoisip.ovh Open in urlscan Pro
2606:4700:3033::6815:59f2 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

93 %
HTTPS

68 %
IPv6

32
Domains

43
Subdomains

36
IPs

7
Countries

2012 kB
Transfer

5492 kB
Size

25
Cookies

168 HTTP transactions
6 data transactions