www.logan.com Open in urlscan Pro
207.170.160.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.logan.com/
Submission: On July 01 via api (July 1st 2023, 7:24:11 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 69 HTTP transactions. The main IP is 207.170.160.160, located in United States and belongs to MICROADVANTAGE-INC, US. The main domain is www.logan.com.

This is the only time www.logan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	207.170.160.160 207.170.160.160	14001 (MICROADVA...) (MICROADVANTAGE-INC)
21	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
23	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
69	14

1 207.170.160.160 (United States)

ASN14001 (MICROADVANTAGE-INC, US)
PTR: mail.logan.com

www.logan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.90 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	353 KB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	213 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	51 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	603 B
1	logan.com www.logan.com	4 KB
69	9

	Domain	Requested by
23	s0.2mdn.net	www.logan.com s0.2mdn.net
21	pagead2.googlesyndication.com	www.logan.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net www.logan.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.logan.com
2	adservice.google.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.logan.com
69	13

This site contains links to these domains. Also see Links.

Domain
mail.logan.com
loganberrybooks.com
rob.com
richardewright.com
chrisachapman.net
lynnchapman.net
marty.rob.com
efistraining.com
lancairlegacy.com
cellarideas.com
albanofamily.net
csepegi.com
5cobbs.com
mrdecorte.org
hartstones.com
mail.lancair.net
lancair.net
www.jrcs.org
www.massport.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.logan.com/
Frame ID: 815E355AF869F10D1332FB8E83990F12
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1687887119&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1688239447175&bpp=12&bdt=127&idt=261&shv=r20230627&mjsv=m202306270101&ptt=5&saldr=sa&abxe=1&correlator=1277866689095&frm=20&pv=2&ga_vid=1943086700.1688239447&ga_sid=1688239447&ga_hid=1729549074&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&oid=2&pvsid=852683839034567&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oAPSQam7M8&p=http%3A//www.logan.com&dtd=287
Frame ID: A65A5F93871E0A41963020DFD88AE62A
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYxOWBtgEwAQ&v=APEucNXhvZc8QiHZeuHe8cJjm39hsf8gsAjccAx4Ycb5ScdQiEu4FUszahDnR4nIo_gD8Gb8WCi9BoE8euKJl_pmaiGRhik_WY3rbTCr3Qsjd40xNvXCbJnUi8ug3m-3W9O3gkc2vo6I9pp5d02AxcKP0I3tcX76mSSapB5gv7450Oshhw7IoPE
Frame ID: 2E1F73A9673B4BDCBA88B8A7AECC6C4C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 52D6868A51AD4F5296EB51E025A4F41C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
Frame ID: 4DB28970AC4C44B24ACC1F04330EBD89
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: 79C9A900ADFC8D21594A6602F6E1A816
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&adk=1812271804&adf=3025194257&lmt=1687887119&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.logan.com%2F&ea=0&pra=7&wgl=1&dt=1688239448561&bpp=2&bdt=1513&idt=2&shv=r20230627&mjsv=m202306270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70902a370ca90474-2245681e79e2003c%3AT%3D1688239447%3ART%3D1688239447%3AS%3DALNI_MbIglQxCdZwQ2rwxJyOnVjpmoDZNw&gpic=UID%3D00000c89da659f8f%3AT%3D1688239447%3ART%3D1688239447%3AS%3DALNI_MaY_WSzN9OPHiU6qYCbkLxvkOPe8g&prev_slotnames=9740388826&nras=1&correlator=1277866689095&frm=20&pv=1&ga_vid=1943086700.1688239447&ga_sid=1688239447&ga_hid=1729549074&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&oid=2&psts=ABnkTfBeGqPMHqsZHZYcRcmzAGuj0mQSvmxST2t52Q4x3lRsFydohNfg1I6NZudxUMUqFQmM-N4VfHuBvQZm9dJ4I_3HrsI&pvsid=852683839034567&tmod=981483365&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202306230101&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=20
Frame ID: 8B6540E45EEA3CA8F3824242A4B2CB24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: CCAE3D1F2488560AD017CACC1CA36B1E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E8C11DCE7AB6E0B5C984800DAD956C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4670CA9116FC54B7525C14424795D73E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Logans

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

69
Requests

91 %
HTTPS

62 %
IPv6

9
Domains

13
Subdomains

14
IPs

3
Countries

682 kB
Transfer

1891 kB
Size

8
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://mail.logan.com/
Title: Read Mail

Search URL Search Domain Scan URL

URL: http://loganberrybooks.com/
Title: Loganberry Books

Search URL Search Domain Scan URL

URL: http://rob.com/pix/
Title: Oops Photos

Search URL Search Domain Scan URL

URL: http://rob.com/rob/
Title: Rob Logan

Search URL Search Domain Scan URL

URL: http://rob.com/lancair/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/ann/
Title: Ann Logan

Search URL Search Domain Scan URL

URL: http://rob.com/us/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/russ/
Title: Russ Logan

Search URL Search Domain Scan URL

URL: http://rob.com/brenda/
Title: Brenda Logan

Search URL Search Domain Scan URL

URL: http://rob.com/wright/
Title: Jen Wright

Search URL Search Domain Scan URL

URL: http://richardewright.com/
Title: Richard Wright

Search URL Search Domain Scan URL

URL: http://rob.com/us/2011/Susan/
Title: Susan Wright

Search URL Search Domain Scan URL

URL: http://rob.com/chapman/
Title: Curtis Chapman

Search URL Search Domain Scan URL

URL: http://chrisachapman.net/
Title: Chris Chapman

Search URL Search Domain Scan URL

URL: http://chrisachapman.net/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://lynnchapman.net/
Title: Lynn Chapman

Search URL Search Domain Scan URL

URL: http://rob.com/willingham/
Title: Massey and Carrie Anne Willingam

Search URL Search Domain Scan URL

URL: http://marty.rob.com/
Title: Marty Weinhous

Search URL Search Domain Scan URL

URL: http://marty.rob.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://efistraining.com/
Title: Josh Brungardt

Search URL Search Domain Scan URL

URL: http://efistraining.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/bream/
Title: Bruce Bream

Search URL Search Domain Scan URL

URL: http://rob.com/bream/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://lancairlegacy.com/
Title: Don Barnes

Search URL Search Domain Scan URL

URL: http://cellarideas.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://albanofamily.net/
Title: Tom Albano

Search URL Search Domain Scan URL

URL: http://albanofamily.net/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/matt/
Title: Matt Bailey

Search URL Search Domain Scan URL

URL: http://csepegi.com/
Title: Chris Csepegi

Search URL Search Domain Scan URL

URL: http://csepegi.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://5cobbs.com/gallery3/
Title: Chris Cobb

Search URL Search Domain Scan URL

URL: http://mrdecorte.org/pix/
Title: Mike Decorte

Search URL Search Domain Scan URL

URL: http://hartstones.com/pix/
Title: Rob Hartstone

Search URL Search Domain Scan URL

URL: http://rob.com/ziegler/
Title: Keith Ziegler

Search URL Search Domain Scan URL

URL: http://rob.com/morton/
Title: Rich Morton

Search URL Search Domain Scan URL

URL: http://rob.com/clarks/
Title: Clark Hungerford

Search URL Search Domain Scan URL

URL: http://rob.com/mahar/
Title: Mike Mahar

Search URL Search Domain Scan URL

URL: http://rob.com/smith/
Title: Rob Smith

Search URL Search Domain Scan URL

URL: http://rob.com/josh/
Title: Joshua Luckner

Search URL Search Domain Scan URL

URL: http://rob.com/forearms/
Title: Mike Kling

Search URL Search Domain Scan URL

URL: http://rob.com/tkg/
Title: tkg

Search URL Search Domain Scan URL

URL: http://mail.lancair.net:81/lists/lml/
Title: Lancair Mailing List

Search URL Search Domain Scan URL

URL: http://lancair.net/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft/
Title: MineCraft

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.19/
Title: 1.19

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.180/
Title: 1.80

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.175/
Title: 1.75

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.164/
Title: 1.64

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.147/
Title: 1.47

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.131/
Title: 1.31

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.123/
Title: 1.23

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.10/
Title: 1.0

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.18/
Title: 0.18

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.15/
Title: 0.15

Search URL Search Domain Scan URL

URL: http://www.jrcs.org/
Title: John Reich Collectors Society

Search URL Search Domain Scan URL

URL: http://rob.com/dunham/
Title: Dunham Tavern Museum

Search URL Search Domain Scan URL

URL: http://rob.com/lnraa/
Title: Lost Nation Regional Aviation Association

Search URL Search Domain Scan URL

URL: http://rob.com/afi/
Title: Adam Ferguson Institute

Search URL Search Domain Scan URL

URL: http://rob.com/liberty/
Title: The Libertarian Party of Northeast Ohio

Search URL Search Domain Scan URL

URL: http://rob.com/cachevalley/
Title: Cache Valley

Search URL Search Domain Scan URL

URL: http://www.massport.com/logan/
Title: Airport in Boston

Search URL Search Domain Scan URL

URL: http://rob.com/rob/audio/undrm_32.mid
Title: Background MIDI Music

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1

Request Chain 13

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKB9V2rtYtMN723xHCXw.QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1&google_hm=2

Request Chain 14

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPegCaD8Ifh0HhbBCY4YhxE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPegCaD8Ifh0HhbBCY4YhxE%26google_cver%3D1

Request Chain 15

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE3MDE1Nzk5ODQ3MzAxMTU2Mg%3D%3D

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.logan.com/ 4 KB
4 KB 1219ms
148ms Document
text/html 207.170.160.160
MICROADVANTAGE-INC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.logan.com/
Protocol: HTTP/1.1
Server: 207.170.160.160 , United States, ASN14001 (MICROADVANTAGE-INC, US),
Reverse DNS: mail.logan.com
Software: Apache/2.4.27 (FreeBSD) PHP/5.6.31 /
Resource Hash: a5af6b89efadeadd718412ad6ec97b602168b65fc0a3d5c54db32627aa8dc455

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Length: 4072
Content-Type: text/html
Date: Sat, 01 Jul 2023 19:24:05 GMT
ETag: "fe8-5ff1fd82c492c"
Last-Modified: Tue, 27 Jun 2023 17:31:59 GMT
Server: Apache/2.4.27 (FreeBSD) PHP/5.6.31

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
35 KB 90ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43ea6f95e40184fbc8bb22959759067f97a8d9bcfadcea3e86009db45ce22cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 19:24:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7112940305690451067
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34907
X-XSS-Protection: 0
Expires: Sat, 01 Jul 2023 19:24:07 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306270101/ 344 KB
119 KB 132ms
81ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5359790986991748&plah=www.logan.com&bust=31075721

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

268324a8065a779103a974a2718c6bc56642a1c0d9a617ab66e8838b95869e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120856
x-xss-protection: 0
server: cafe
etag: 5282940505690839124
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 19:24:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
603 B 81ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.logan.com&callback=_gfp_s_&client=ca-pub-5359790986991748

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5359790986991748&plah=www.logan.com&bust=31075721

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e7fd98390075d344bf882ef32c63373f2f2367c28bebed791d4fb6eb9bb727b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.logan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A65A 20 KB
10 KB 300ms
247ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1687887119&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1688239447175&bpp=12&bdt=127&idt=261&shv=r20230627&mjsv=m202306270101&ptt=5&saldr=sa&abxe=1&correlator=1277866689095&frm=20&pv=2&ga_vid=1943086700.1688239447&ga_sid=1688239447&ga_hid=1729549074&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&oid=2&pvsid=852683839034567&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oAPSQam7M8&p=http%3A//www.logan.com&dtd=287

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee1bb0af29a72ca534e9a253f63dacbabdabd2ebfca7538bd49566e2d9956231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 19:24:07 GMT
expires: Sat, 01 Jul 2023 19:24:07 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A65A 42 B
173 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARh0Xv1s60kb2k2Sdvbojd5_0-8KFyYPcHNCoJgqbatyIbcCi_HBOzohYoIceCx8ZHyasStNdZf68Gm4MxHDjJT9ieP77pWsC7zHpVS_wcpsli_1A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1687887119&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1688239447175&bpp=12&bdt=127&idt=261&shv=r20230627&mjsv=m202306270101&ptt=5&saldr=sa&abxe=1&correlator=1277866689095&frm=20&pv=2&ga_vid=1943086700.1688239447&ga_sid=1688239447&ga_hid=1729549074&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&oid=2&pvsid=852683839034567&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oAPSQam7M8&p=http%3A//www.logan.com&dtd=287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A65A 0
58 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16975909793905666357&x=1&ct=119

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A65A 78 KB
27 KB 125ms
123ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 19:24:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A65A 3 KB
1 KB 89ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 14:55:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 14:55:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A65A 20 KB
9 KB 88ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:50:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A65A 179 KB
57 KB 96ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 19:24:07 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2E1F 624 B
508 B 66ms
65ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYxOWBtgEwAQ&v=APEucNXhvZc8QiHZeuHe8cJjm39hsf8gsAjccAx4Ycb5ScdQiEu4FUszahDnR4nIo_gD8Gb8WCi9BoE8euKJl_pmaiGRhik_WY3rbTCr3Qsjd40xNvXCbJnUi8ug3m-3W9O3gkc2vo6I9pp5d02AxcKP0I3tcX76mSSapB5gv7450Oshhw7IoPE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1687887119&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1688239447175&bpp=12&bdt=127&idt=261&shv=r20230627&mjsv=m202306270101&ptt=5&saldr=sa&abxe=1&correlator=1277866689095&frm=20&pv=2&ga_vid=1943086700.1688239447&ga_sid=1688239447&ga_hid=1729549074&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&oid=2&pvsid=852683839034567&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oAPSQam7M8&p=http%3A//www.logan.com&dtd=287
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 19:24:07 GMT
expires: Sat, 01 Jul 2023 19:24:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2E1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1

43 B
766 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYxOWBtgEwAQ&v=APEucNXhvZc8QiHZeuHe8cJjm39hsf8gsAjccAx4Ycb5ScdQiEu4FUszahDnR4nIo_gD8Gb8WCi9BoE8euKJl_pmaiGRhik_WY3rbTCr3Qsjd40xNvXCbJnUi8ug3m-3W9O3gkc2vo6I9pp5d02AxcKP0I3tcX76mSSapB5gv7450Oshhw7IoPE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 19:24:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2E1F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKB9V2rtYtMN723xHCXw.QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1&google_hm=2

43 B
766 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYxOWBtgEwAQ&v=APEucNXhvZc8QiHZeuHe8cJjm39hsf8gsAjccAx4Ycb5ScdQiEu4FUszahDnR4nIo_gD8Gb8WCi9BoE8euKJl_pmaiGRhik_WY3rbTCr3Qsjd40xNvXCbJnUi8ug3m-3W9O3gkc2vo6I9pp5d02AxcKP0I3tcX76mSSapB5gv7450Oshhw7IoPE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 19:24:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTTTleo_ULa6TijI474A7Q&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 2E1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPegCaD8Ifh0HhbBCY4YhxE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPegCaD8Ifh0HhbBCY4YhxE%26google_cver%3D1

43 B
1 KB

55ms
29ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPegCaD8Ifh0HhbBCY4YhxE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEYxOWBtgEwAQ&v=APEucNXhvZc8QiHZeuHe8cJjm39hsf8gsAjccAx4Ycb5ScdQiEu4FUszahDnR4nIo_gD8Gb8WCi9BoE8euKJl_pmaiGRhik_WY3rbTCr3Qsjd40xNvXCbJnUi8ug3m-3W9O3gkc2vo6I9pp5d02AxcKP0I3tcX76mSSapB5gv7450Oshhw7IoPE

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 19:24:08 GMT
AN-X-Request-Uuid: 0d3e35bd-dcca-4f60-b7c4-5669e3cc9757
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 19:24:08 GMT
AN-X-Request-Uuid: 68a3aaea-cc7d-4324-9c5a-224d7ea199b8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPegCaD8Ifh0HhbBCY4YhxE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2E1F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE3MDE1Nzk5ODQ3MzAxMTU2Mg%3D%3D

170 B
243 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE3MDE1Nzk5ODQ3MzAxMTU2Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 19:24:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e5691b3b-6c58-4924-a52d-e4a7e3f8fccf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE3MDE1Nzk5ODQ3MzAxMTU2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A65A 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5671004984171&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A65A 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5671004984171&version=m202301230201&ct=119&x=1&cor=16975909793905666000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A65A 89 KB
36 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGABSRHvmmUjBle4Zp9KNq-KjCN06wtE_aOOD7pQiERcHOEcvfXdpx2ciD69mlu-_j9p70OlAgo56oJLqWdqzEYM3b5CktZCXXyssIkxfeA-KIYjguXXnFV9EQOx2fvUjVthRufGGuq4_eDjPgLmvXXdOfqiFgIbhVhHIJm53Z1NvgDFaLQgFQ7Yh0XhxowaltNxxr&cry=1&dbm_d=AKAmf-DmB0YCSh5eHTCObq2GnP586XYi9xUiydwUI7gLckyV4pzl3s6TMD7jHEmN5KbjLeHHE1kfv5lMEHDbfwQpDNTwqr5Hx94QQmz-1b9PRPDAhXRX0Rf7go-IVKBc910E5-usqt8uVf8ez957nsmMioNukLnnNy1qD9SEleTgeFlnCHlhfjKiUCSbLe5glEi6SHhmiU68Jrz1wNtSmitdKtIIYako5borfNSo30f4UXRSJZEhI4d9TTbg8pmxVjHWOvrvvbGT5OS2g2B26tAckz4H2-Fz_-ZWVQce0aJVn7P7GqoW3hCojArsoQjhwLkfr0zwI6ZmlAfxzG5ZqOYaVRIO408KK5_Sr10_MFN5-5pEjiFr26fXPFZzfNG-9xY5BbU1beyTH11OFJhPsDaeKvtVmHFDJWNoCrJHF_RNhtzGp10AVZAs4Mb6SLG5kc1zWuYxEqmWcyVO7rVlb5HmVQXBuPEQ4KvdnQpnb2Xw471RcO0Tj90Jav-Djf5gdbZdQurUGClFEGM0HFX7jkz5AHASzTxOcZOVqBVcFKniY5Yf7-a0M68ZPugColL4JcvOvVx1_7fo7uQpgKEcyHxACmpq7JOULFE5maOuT7XyiVrRJD1gMgwP3ZQLyoJ8dhzRVJ7GwbjqJPl9RHsfW8ENQGpPCyzK9-6ZOSBwo0PerI1xyX4xP33DEur12A5fl0aYAGOrZa8ZxPiZgCi8euIxuYcHshEABcXBPWDvoeZNcTr0GWIDK-I1WRPmTZW14hkG3EET4bqrdTUVFnusngyaZtuSK05h3dRDQp8cyzAqDPq02tEZxuPV2iTkZLdZqtTdkwzn-sZlD8pDH1bt7AEYo-K94SMZMfN5e9Ly2DjvpQr9mFMsh3_F0iwUyVyKNKKyMlpZvjtIeuUOE64FXURTo1pcjnoPM-TK7aF3PxXYBheGGvFzryVKy7GTH30S919QKzSI0wx4o6InInFjQr4tZ8cwUCTKvsEvkZZmLEKsWkWJsj6gCvzyzu9xGsvmRffq6VrLBHyYzvBm5olVz41H9bkLZQz_TbHXnfOrB7QYYnoDHZoEU9DqQ6R-FOQ06PsIJRpB0xm69fYCSKK1xyoQZ61G5CLy_FAHDBHhOvo8Gvv1JyZQ53Pz8T0G8dSGw3YaaQk5E5BKINoaP6InCFAKArWIYUQY3wOEcz4kjzT-0av20cGbuNx4T562GaARLGsrua_n44aM23rDKWO_VJeQyHUkPvznOHveyQiVd1OGXuIy0D0YnF4uzURUx-7pDfasg7tPTDHwXGz4QKWFYIvjcKOWcRTjrlNO7TVK8sY_wIcdpP05kE35BWHi29E4PvZ1e1aQeMsPFnVjLUsmyEbdhIdCx-oUaD6JbfUj9ocvdQEPback38-MDcBiH79HYllM-bDTDMZmlvcayh_kCE62bzAhsA9ZKUNXt9xRLiu1HwyF0NsZ-uTfXC33v-N_zT7AxcqiqiyOA98cCvXtpbvD6aqEnkwfTt5zGmyFQSq6nVipkSVs2engPGpRPcaUcvlT2aYEGJyuliCb2HDf32VkaauKJTItsna2mjetyhfUhBm-usuUqch23WfKK2Iy88nZnrGbRKcTDOLJXSvnl2DajO3RWHyinK394rrHjJuC88QbytLjpEAp4EeRSE9W3Iv5c9nBtSrYAL3zW7_TMbuI-QRYX6H4SVLBrmf33-YTqW_LVQxqAo8nt8zl4o00EACQSUefoUNuPmIWfXbuhWumNkFWeqe4esZViN4HBPpu2xra1JhLqhp2ZXuDrSG0Cuu6eJwVfO9iNDWBl5v1p7iF3LFlZLfev9VVUkv4leFtI8O1pBWjDU76-qn-gErO_4HxcNA3HcTC9aOqOYZ4M6WURhgUz_LPJQKEb57KPr4LH_9DUHDaRI8iDFt5PzQgh_kutbfx48Q60khk20uEoGa4yuF6Wz3MhQR0ItRoIX0kaVr_nHD_mWLPA48XK8ZLZ_ePy_IFVrDzZogMGGZR2aDcGgFPVhMHU4aYWjj6pXso3JoozzYXmzt535KOFbgCr36us5k_UL22TLFtVOeySqTv1F_A0oxvAak85P5AME01IfTbbuMCb_lCwzh7IZgl1Eg1bqRiW78_R5PJQ6cewOaZDsEcZd6LQfTRE9l6XXKZaw2kieTOdQ5uQkAgFcLP-W9QOoU3BuwDQGqqfCUvrho5-HkB--KPnTG4V4QomEJBkN91ALfhPc1pgM85InEPbup-fOXlee5CMBcn6HiFt8XRWLS9nJBs9jYdDaXt3c5VW1bj8h-4QYChwxqs819Y0dVHrExXM4JyHAuZGpgF6Z2duqha0Ri7ZD-Vdu7PNeTjkqtdaCAGSXBcwRsAZYyIATmL2yMbUBpftzp6nPhO5iGnZ1gFFFM7vYwmsZys2jR_gHyf-1T0kfLgTqXp1IyH0z1nv_YFQJeGevFLlYzIOh5wgeVKff3umfewALH0NKGUIc8ft-dSjmEye7ny3HF5_Z_VM0MFwRNJMirK8MVWfzGWINz0aY50wNTREE8IQ7tC8JNtf7VVJlClUDvSFJhW7Rvi39fHCJckYe0KRunSdV8Ad1f-ndFYQq8QoMBg9K6S0CQnibElcjGbPjwO79qF0LIx2MyPN-2Cdm0xlBRE0-RXBx3Z5MSLrV4rZEhq0bZH7v9O3l0MHxM0d0dsZlmox8ZLOAnED4lJyoJgB7ixHKGK4BK1wpkJ3dbnE6GSxJ_ZaG6eDNGGiuxtnQPnX78rqxx4QKLTVg-UDT88BMnglnR51smSh2i54Dg_OpjTXki69fXTqphV2GSSxViWQ6MSkL8MZX9fdgScQUIBkewRRlv7NgWvjcUCZ9M5GqHibkJZxBdfhBYCwgE1mwdqSdYM8jJu3FOTVj4C6Xnxik5-ZwyCnrPVnp2a4sK9CMxzVQeD8dXlv0BT6WsZE7m4Bfw-soe-n9a41VISJm8mXlsRbaDDc-G2J2JLPDI9yzFHXndLSs1pHSP8E_9lBRuCLJLFCAQxrq3IuNbvNECIqG7hbX4DXukaBZeOCEtotsHdzm-Sl4DiUtAPV9ON7JCg7PCPiijFbp7FX3QAg0HoUDS5vw_-US8m6iKJ49lIvBA26ceKHjjSw-G1FrJT1EGxMA-twu1jICcCwLEi2NFr2iYc0rP1GX6nb2Ns5YNYJsgsAd7TP9fif1Hl5irVXydcMYhxvDGi4hAdK4Ec-k_fpJQfhn2HVa-7f5t-TkXE_UZGV7jG-GSqQ-y-93OcxjT_kN67KiHoYf1-vB6R9MxcsNEv_mKIfsXEO2aItkGAiVNftx_0QNHLz7O6Y45qFQRLvd3QcDAAUhAcspd4krF1gyaN-LVCkNWJJngalMv8668vJeM9f_TjNg7zLIGY_63ZvwLUAfougLEIV7SAk1HMCm0xmb3tj1B75YujHRHi76211QS8KP6YIZOEyoXPKom4ZjgHa0r7oztYTv66AT6NlwDYvb4FM2P6PX48wD-Hr2NgH4MNkRL_rt1moxsYXgtWR8uikpoOwYuKAlwn&cid=CAQSGwBygQiDb3F9AZIs8sghgrcXjYqi7lkcRCknHBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.logan.com%2F&ds=l&xdt=1&iif=1&cor=16975909793905666000&adk=3476589348&idt=166&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b970b59e603a057ecf635e0cdacde4ec925bec6263739427c7a6e60cbbeb46d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1687887119&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1688239447175&bpp=12&bdt=127&idt=261&shv=r20230627&mjsv=m202306270101&ptt=5&saldr=sa&abxe=1&correlator=1277866689095&frm=20&pv=2&ga_vid=1943086700.1688239447&ga_sid=1688239447&ga_hid=1729549074&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&oid=2&pvsid=852683839034567&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oAPSQam7M8&p=http%3A//www.logan.com&dtd=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_obb_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A65A 124 KB
44 KB 96ms
24ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_278.js

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7569b47a2167f78a6cece4068cb90bc4d07fb04b5864bdfe98ae81d103c6c180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 10:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44500
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 10:52:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame A65A 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGABSRHvmmUjBle4Zp9KNq-KjCN06wtE_aOOD7pQiERcHOEcvfXdpx2ciD69mlu-_j9p70OlAgo56oJLqWdqzEYM3b5CktZCXXyssIkxfeA-KIYjguXXnFV9EQOx2fvUjVthRufGGuq4_eDjPgLmvXXdOfqiFgIbhVhHIJm53Z1NvgDFaLQgFQ7Yh0XhxowaltNxxr&cry=1&dbm_d=AKAmf-DmB0YCSh5eHTCObq2GnP586XYi9xUiydwUI7gLckyV4pzl3s6TMD7jHEmN5KbjLeHHE1kfv5lMEHDbfwQpDNTwqr5Hx94QQmz-1b9PRPDAhXRX0Rf7go-IVKBc910E5-usqt8uVf8ez957nsmMioNukLnnNy1qD9SEleTgeFlnCHlhfjKiUCSbLe5glEi6SHhmiU68Jrz1wNtSmitdKtIIYako5borfNSo30f4UXRSJZEhI4d9TTbg8pmxVjHWOvrvvbGT5OS2g2B26tAckz4H2-Fz_-ZWVQce0aJVn7P7GqoW3hCojArsoQjhwLkfr0zwI6ZmlAfxzG5ZqOYaVRIO408KK5_Sr10_MFN5-5pEjiFr26fXPFZzfNG-9xY5BbU1beyTH11OFJhPsDaeKvtVmHFDJWNoCrJHF_RNhtzGp10AVZAs4Mb6SLG5kc1zWuYxEqmWcyVO7rVlb5HmVQXBuPEQ4KvdnQpnb2Xw471RcO0Tj90Jav-Djf5gdbZdQurUGClFEGM0HFX7jkz5AHASzTxOcZOVqBVcFKniY5Yf7-a0M68ZPugColL4JcvOvVx1_7fo7uQpgKEcyHxACmpq7JOULFE5maOuT7XyiVrRJD1gMgwP3ZQLyoJ8dhzRVJ7GwbjqJPl9RHsfW8ENQGpPCyzK9-6ZOSBwo0PerI1xyX4xP33DEur12A5fl0aYAGOrZa8ZxPiZgCi8euIxuYcHshEABcXBPWDvoeZNcTr0GWIDK-I1WRPmTZW14hkG3EET4bqrdTUVFnusngyaZtuSK05h3dRDQp8cyzAqDPq02tEZxuPV2iTkZLdZqtTdkwzn-sZlD8pDH1bt7AEYo-K94SMZMfN5e9Ly2DjvpQr9mFMsh3_F0iwUyVyKNKKyMlpZvjtIeuUOE64FXURTo1pcjnoPM-TK7aF3PxXYBheGGvFzryVKy7GTH30S919QKzSI0wx4o6InInFjQr4tZ8cwUCTKvsEvkZZmLEKsWkWJsj6gCvzyzu9xGsvmRffq6VrLBHyYzvBm5olVz41H9bkLZQz_TbHXnfOrB7QYYnoDHZoEU9DqQ6R-FOQ06PsIJRpB0xm69fYCSKK1xyoQZ61G5CLy_FAHDBHhOvo8Gvv1JyZQ53Pz8T0G8dSGw3YaaQk5E5BKINoaP6InCFAKArWIYUQY3wOEcz4kjzT-0av20cGbuNx4T562GaARLGsrua_n44aM23rDKWO_VJeQyHUkPvznOHveyQiVd1OGXuIy0D0YnF4uzURUx-7pDfasg7tPTDHwXGz4QKWFYIvjcKOWcRTjrlNO7TVK8sY_wIcdpP05kE35BWHi29E4PvZ1e1aQeMsPFnVjLUsmyEbdhIdCx-oUaD6JbfUj9ocvdQEPback38-MDcBiH79HYllM-bDTDMZmlvcayh_kCE62bzAhsA9ZKUNXt9xRLiu1HwyF0NsZ-uTfXC33v-N_zT7AxcqiqiyOA98cCvXtpbvD6aqEnkwfTt5zGmyFQSq6nVipkSVs2engPGpRPcaUcvlT2aYEGJyuliCb2HDf32VkaauKJTItsna2mjetyhfUhBm-usuUqch23WfKK2Iy88nZnrGbRKcTDOLJXSvnl2DajO3RWHyinK394rrHjJuC88QbytLjpEAp4EeRSE9W3Iv5c9nBtSrYAL3zW7_TMbuI-QRYX6H4SVLBrmf33-YTqW_LVQxqAo8nt8zl4o00EACQSUefoUNuPmIWfXbuhWumNkFWeqe4esZViN4HBPpu2xra1JhLqhp2ZXuDrSG0Cuu6eJwVfO9iNDWBl5v1p7iF3LFlZLfev9VVUkv4leFtI8O1pBWjDU76-qn-gErO_4HxcNA3HcTC9aOqOYZ4M6WURhgUz_LPJQKEb57KPr4LH_9DUHDaRI8iDFt5PzQgh_kutbfx48Q60khk20uEoGa4yuF6Wz3MhQR0ItRoIX0kaVr_nHD_mWLPA48XK8ZLZ_ePy_IFVrDzZogMGGZR2aDcGgFPVhMHU4aYWjj6pXso3JoozzYXmzt535KOFbgCr36us5k_UL22TLFtVOeySqTv1F_A0oxvAak85P5AME01IfTbbuMCb_lCwzh7IZgl1Eg1bqRiW78_R5PJQ6cewOaZDsEcZd6LQfTRE9l6XXKZaw2kieTOdQ5uQkAgFcLP-W9QOoU3BuwDQGqqfCUvrho5-HkB--KPnTG4V4QomEJBkN91ALfhPc1pgM85InEPbup-fOXlee5CMBcn6HiFt8XRWLS9nJBs9jYdDaXt3c5VW1bj8h-4QYChwxqs819Y0dVHrExXM4JyHAuZGpgF6Z2duqha0Ri7ZD-Vdu7PNeTjkqtdaCAGSXBcwRsAZYyIATmL2yMbUBpftzp6nPhO5iGnZ1gFFFM7vYwmsZys2jR_gHyf-1T0kfLgTqXp1IyH0z1nv_YFQJeGevFLlYzIOh5wgeVKff3umfewALH0NKGUIc8ft-dSjmEye7ny3HF5_Z_VM0MFwRNJMirK8MVWfzGWINz0aY50wNTREE8IQ7tC8JNtf7VVJlClUDvSFJhW7Rvi39fHCJckYe0KRunSdV8Ad1f-ndFYQq8QoMBg9K6S0CQnibElcjGbPjwO79qF0LIx2MyPN-2Cdm0xlBRE0-RXBx3Z5MSLrV4rZEhq0bZH7v9O3l0MHxM0d0dsZlmox8ZLOAnED4lJyoJgB7ixHKGK4BK1wpkJ3dbnE6GSxJ_ZaG6eDNGGiuxtnQPnX78rqxx4QKLTVg-UDT88BMnglnR51smSh2i54Dg_OpjTXki69fXTqphV2GSSxViWQ6MSkL8MZX9fdgScQUIBkewRRlv7NgWvjcUCZ9M5GqHibkJZxBdfhBYCwgE1mwdqSdYM8jJu3FOTVj4C6Xnxik5-ZwyCnrPVnp2a4sK9CMxzVQeD8dXlv0BT6WsZE7m4Bfw-soe-n9a41VISJm8mXlsRbaDDc-G2J2JLPDI9yzFHXndLSs1pHSP8E_9lBRuCLJLFCAQxrq3IuNbvNECIqG7hbX4DXukaBZeOCEtotsHdzm-Sl4DiUtAPV9ON7JCg7PCPiijFbp7FX3QAg0HoUDS5vw_-US8m6iKJ49lIvBA26ceKHjjSw-G1FrJT1EGxMA-twu1jICcCwLEi2NFr2iYc0rP1GX6nb2Ns5YNYJsgsAd7TP9fif1Hl5irVXydcMYhxvDGi4hAdK4Ec-k_fpJQfhn2HVa-7f5t-TkXE_UZGV7jG-GSqQ-y-93OcxjT_kN67KiHoYf1-vB6R9MxcsNEv_mKIfsXEO2aItkGAiVNftx_0QNHLz7O6Y45qFQRLvd3QcDAAUhAcspd4krF1gyaN-LVCkNWJJngalMv8668vJeM9f_TjNg7zLIGY_63ZvwLUAfougLEIV7SAk1HMCm0xmb3tj1B75YujHRHi76211QS8KP6YIZOEyoXPKom4ZjgHa0r7oztYTv66AT6NlwDYvb4FM2P6PX48wD-Hr2NgH4MNkRL_rt1moxsYXgtWR8uikpoOwYuKAlwn&cid=CAQSGwBygQiDb3F9AZIs8sghgrcXjYqi7lkcRCknHBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.logan.com%2F&ds=l&xdt=1&iif=1&cor=16975909793905666000&adk=3476589348&idt=166&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:55:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame A65A 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:57:32 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A65A 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 07:09:29 GMT

GET
DATA 200
OK truncated
/ Frame A65A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe2d967b5cd2a199365c54a9b08958eef7204ea4b8b416977ab37b42c346f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 52D6 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 303215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 07:10:33 GMT
expires: Thu, 27 Jun 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 52D6 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:54:59 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 350 KB
32 KB 69ms
23ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18212b4ad0b20b87ea6803d7c6a09c2c557a9eb6202005495f9be47c345b4360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 337290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 32594
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 21:42:38 GMT
expires: Wed, 26 Jun 2024 21:42:38 GMT
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A65A 0
0 234ms
69ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstk6DNRlG9fMTQOdl0Kgul8aZvwsRG6e7Vn4ETBfjcrCc9BVn3oxUNlpuy3-EcEYkau0mAnXet7BKR0bd1pLoapeA2sQSwuOK-fvi7s-BXtb9JEbC4xSGMtOUynwoSOqtsuMJi32944H-zkibFHMRmZjf8dCR64N3YLzKC81JCgj7EncVEtCnYti1jNImC677DkX7H-jhWuIbtPCbNnaP1lYkvSreAvtgz1xMkbMgP9-7yQES0uM8BEqHGTC8-3ZlC1SACnxGZkaXGrfwa6_S0l-q6rVE_c92H4opzOMW4u3hDvE-y3MLztZSyUgVNguf7ZDloGpxcLJVq5eWiQP7wFsUDWNsYiI5No7llrtnbrK1P0WKfK3sl-qiLGc0wmtRxFkAoXi3OHD4WZy0l_7MSPyc_-H-gDp99e8Q8dETIozlLIMsXcyqbp5Q6qQqzmDFYAsFGP63dwhOqQLiHCQ466RFTxYshddwCehZzIiFaiJ8wiMYtwmcUte3p3DB237p8TbsxRf5t8yq69Q_fCGYew-btufZPTegtY1wH4yHyNi54kYrM1KlO2Zq-DC8r4TKa26rh1e-Y6gGzKwtE9SwunufeuNB74xZrsIQs1Qbg8nMQ9m_K5CbIlSSK25mCsezScwv0AdihUbbzcA0DWdTkGNcZ0hFKsCRDPHg0llrYhmvxYBJSR5ros7phgPM0OSPlodhsBb_1knzaVav5M2wlcrNbezI_XWLn-wJsTaiamXdeLX1iw0RTYdqqJIIPWKuY-AVlkPFT5Z9KZk9KupoQ5TUU4qCw9xSICpQnGIHBWUP3Cxeo-kLOn1hZBeJxtfz495OzW8G0xmL-G1dR7L0sra0J95FDcFMbB-pT4aFwnJwpZt1inu8zFDsiUEYfSTlp9rsy3iWiX7gFfBBRIKFsbDkJhDSEIiTduCbe5GYGManU2vzMwwM6TbPApWJyOULLlflLMX6P1xqOfodc13NbH0NAU71MSMfUmTrOQv4K-aH3YCfkdIat119DeUs-9xPUJp0Bf1_EpNzRmJ9nCgp_vEBsKnXj0S1RBa35cqJRl6AXQ8qLEI0_LAFEOEP1YmqPtn1qmmZS-AxZZbVcfA5iWsgflJvLV4ltJvIna8a6TJcYGLWNn-UHaUA1hGkHrLfAnZ6z3E3iXk7Dd22w2L7JNszyKVyHqPpXYRJX9Ry1CfZKhZuuUt48RILbFAF581myZEH2XW1t_p99Lnk6EWlqr5qBLg4x7Gv-zJRpus75z8W3-OaetKvg4OAEPQaHMiarUY8Zm8YXoUC8oOw&sai=AMfl-YRdHscImm-GLvDKzdtC9xLiI68npCosZpDKQBie6qDslX4_rzYDGxdzCRhw1HoFX4DSFACFyggiMHxeNis2p28pZM5CKCaT2K1Wx3spmzxXCllQ-GtkPHUsztQLoFPOQM35esshffI5PjDEzguWb0RjKaJdPRl2cz_fc43VJyU5MMb86Oc&sig=Cg0ArKJSzEDCQ7LqTrBXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=133&cisv=r20230627.73459&arae=0&ftch=1&adurl=

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 01 Jul 2023 19:24:08 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 01 Jul 2023 19:24:08 GMT

GET
H3 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 4DB2 28 KB
10 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 22:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jul 2023 22:22:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52D6 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYV4OV32gZLLFO4mv3wPexJaYCgAAAAA4AeAEAg&bg=!9_Sl9KDNAAb90kgr3dI7ADkAdvg8Wmo7QYjHrFpA9QKo4RRNcNHfOSiqoXTBi08bMgZyt2kSrQlCEFHx-GkygGDbbC8Urp3U8gsCAAAAt1IAAAACaAEHCgCPYeXNkbmcShuNsm-M2QFVtR8Swq55IfQaKFeyIrqWkXK8AxL4ApE9nfmEymVWEbix4TF0UdkQDAqo6W4TGQDrJ0PUYh_u2Q-SQFJms0CpLz6yl3FMi0RMtwg5voSsbgRCQZq6P17VsOLRSMWXkLdI9A_OHFQEV4e2bwUcuHdLeFTlnfvXpNW0HjoDM23szA-ZAr03rwen9TiJ6y1Fyy-RPOFtztFRT5z6XU7fN4XdCvglXkpfSUtzk5ppW4z9VL_5bwe4yLv2qoNthjtGvYbEjzmbOwk-fFk05qCDQE2LyunFA5YiEtOsTt7kvtGa9nVZJDiUYVSqkAfXlZKGBnkG20A3x5h1DB1RKUYHw6EA0_e4FiyStFjzx-y8KymCW-SxlP3-kbdW-5WrZXDcisgIdKqtOzgukIP7ReUI2Koo9BxN9cwa3emyZb0QEqXU35fcbAB-dTI6_x1pfGBa5Hd1goLNgvsvemNjYoPm8lssT0CwCH2Rk_6a6WKX5jnfR8WvON_u1EHT_wKuUeWNOMqlhVxDaaZSUTbdeNRbCs6MnSnfRcg7fCLGq2jOHAnZbTp8yf_ofWZlIrtahkGrpUfp7uAxORRg2dTtUBqcLHIslVNXHXYmrXUsjaqSxj8pMtm78DjfH7ih69kb-os0zxZecdjv55gTTwKETGDmUTiBkVPdZPOfVwZvgImZhPlgmyJMDEVD94_-ooEwa9MmYxanewv5eqe3je8P9I8P9B3zvgfeoONt69B3jdu1C3YD0-2qlGcchrMS1-RMEmGX0izXRW_v5YKkMNnwRl-dnkb2nXCmxsGhyi4xJT82I4Y07xrRuxjRj0uWHxn6havU9k3jJClgdRxfuN0fCpt6dQyYbiMaHIaFrUCcROn3w5yAoRMJClNmzbHbzSDIZksKCaYsmKWfe5k_muBiUGapQYUgSgnYyBrH_6xVxMF4mVFyjPakeKgZsUyy81cAFDGLraisJfe-vqmIOazNDXCtRlH5kLD1aKRY5fIZMbS3w5xwvx12iKoyTvHOd3uEa3m0kNGv_OpHrADxvSyzlUGYG-epZ6pmGq0dXHUsoLYeqvxXgWI4oGpcSJlHA1EddEOn19jupsOzdptV6OieYJb0k6YE2w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A65A 0
0 61ms
60ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstk6DNRlG9fMTQOdl0Kgul8aZvwsRG6e7Vn4ETBfjcrCc9BVn3oxUNlpuy3-EcEYkau0mAnXet7BKR0bd1pLoapeA2sQSwuOK-fvi7s-BXtb9JEbC4xSGMtOUynwoSOqtsuMJi32944H-zkibFHMRmZjf8dCR64N3YLzKC81JCgj7EncVEtCnYti1jNImC677DkX7H-jhWuIbtPCbNnaP1lYkvSreAvtgz1xMkbMgP9-7yQES0uM8BEqHGTC8-3ZlC1SACnxGZkaXGrfwa6_S0l-q6rVE_c92H4opzOMW4u3hDvE-y3MLztZSyUgVNguf7ZDloGpxcLJVq5eWiQP7wFsUDWNsYiI5No7llrtnbrK1P0WKfK3sl-qiLGc0wmtRxFkAoXi3OHD4WZy0l_7MSPyc_-H-gDp99e8Q8dETIozlLIMsXcyqbp5Q6qQqzmDFYAsFGP63dwhOqQLiHCQ466RFTxYshddwCehZzIiFaiJ8wiMYtwmcUte3p3DB237p8TbsxRf5t8yq69Q_fCGYew-btufZPTegtY1wH4yHyNi54kYrM1KlO2Zq-DC8r4TKa26rh1e-Y6gGzKwtE9SwunufeuNB74xZrsIQs1Qbg8nMQ9m_K5CbIlSSK25mCsezScwv0AdihUbbzcA0DWdTkGNcZ0hFKsCRDPHg0llrYhmvxYBJSR5ros7phgPM0OSPlodhsBb_1knzaVav5M2wlcrNbezI_XWLn-wJsTaiamXdeLX1iw0RTYdqqJIIPWKuY-AVlkPFT5Z9KZk9KupoQ5TUU4qCw9xSICpQnGIHBWUP3Cxeo-kLOn1hZBeJxtfz495OzW8G0xmL-G1dR7L0sra0J95FDcFMbB-pT4aFwnJwpZt1inu8zFDsiUEYfSTlp9rsy3iWiX7gFfBBRIKFsbDkJhDSEIiTduCbe5GYGManU2vzMwwM6TbPApWJyOULLlflLMX6P1xqOfodc13NbH0NAU71MSMfUmTrOQv4K-aH3YCfkdIat119DeUs-9xPUJp0Bf1_EpNzRmJ9nCgp_vEBsKnXj0S1RBa35cqJRl6AXQ8qLEI0_LAFEOEP1YmqPtn1qmmZS-AxZZbVcfA5iWsgflJvLV4ltJvIna8a6TJcYGLWNn-UHaUA1hGkHrLfAnZ6z3E3iXk7Dd22w2L7JNszyKVyHqPpXYRJX9Ry1CfZKhZuuUt48RILbFAF581myZEH2XW1t_p99Lnk6EWlqr5qBLg4x7Gv-zJRpus75z8W3-OaetKvg4OAEPQaHMiarUY8Zm8YXoUC8oOw&sai=AMfl-YRdHscImm-GLvDKzdtC9xLiI68npCosZpDKQBie6qDslX4_rzYDGxdzCRhw1HoFX4DSFACFyggiMHxeNis2p28pZM5CKCaT2K1Wx3spmzxXCllQ-GtkPHUsztQLoFPOQM35esshffI5PjDEzguWb0RjKaJdPRl2cz_fc43VJyU5MMb86Oc&sig=Cg0ArKJSzEDCQ7LqTrBXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=348&vt=11&dtpt=212&dett=3&cstd=133&cisv=r20230627.73459&arae=0&ftch=1&adurl=

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Jul 2023 19:24:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A65A 7 KB
6 KB 115ms
68ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd75911a383a9031d29e012ced5c0a6713c8efe58b988ba068a5e487f2657e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5796
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c1fa6ae6a469a817e7ce01854a947cdaa5eca658705c63bcee7eff7161cb4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48742
x-xss-protection: 0
server: cafe
etag: 4631392102894178845
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 19:24:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 118ms
73ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fb8c98011b0e72879caf864e12914c98bb176551de70e4b0b8bf99a0640d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11190
x-xss-protection: 0

GET
H3 200 020.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 4 KB
4 KB 23ms
23ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/020.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0f01704224e347503559fd6a9f4109d64b6d91c0e78de45634cf75c5367c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 09:33:16 GMT
x-content-type-options: nosniff
age: 35452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3891
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 09:33:16 GMT

GET
H3 200 019.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 7 KB
7 KB 33ms
30ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/019.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19755824312d35a804bd4b61df59be0fb2de7854589165323204008189bcb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:12:41 GMT
x-content-type-options: nosniff
age: 349887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6801
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jun 2024 18:12:41 GMT

GET
H3 200 018.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 5 KB
5 KB 31ms
29ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/018.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c993230df516fe974d7e4d3063ea1ad390305a145274174ae7ef17aedc779433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 06:13:50 GMT
x-content-type-options: nosniff
age: 565818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4869
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 06:13:50 GMT

GET
H3 200 017.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 7 KB
7 KB 46ms
44ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/017.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63cfbe2fd38eaf6fb766e4fe592c4db9c6473bf0db3155c2c26bd4232e25748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:02:46 GMT
x-content-type-options: nosniff
age: 1282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6789
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 19:02:46 GMT

GET
H3 200 016.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 5 KB
5 KB 49ms
47ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/016.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb4aea81ad96ff8991b66d06de8d8510baf66bea95d26eeb1888dcfdfb06ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:02:46 GMT
x-content-type-options: nosniff
age: 1282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5373
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 19:02:46 GMT

GET
H3 200 015.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 6 KB
6 KB 52ms
50ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/015.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c29b51107b1ba66823d4ef9250723093dd31a2539a91c89e27d613c4ae8b98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 08:58:02 GMT
x-content-type-options: nosniff
age: 555966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6334
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 08:58:02 GMT

GET
H3 200 014.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 7 KB
7 KB 38ms
35ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/014.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9e08e7d2f483bb7d72abb01cb18bad2e2f1a9371d3c93852983f9ede6277dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 17:19:29 GMT
x-content-type-options: nosniff
age: 266679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7357
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jun 2024 17:19:29 GMT

GET
H3 200 013.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 7 KB
7 KB 43ms
41ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/013.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e83c4377041ada9de0f19fd373783b498dbf4705854acdc85a6f2ffe10f39e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:56:26 GMT
x-content-type-options: nosniff
age: 88062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7107
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Jun 2024 18:56:26 GMT

GET
H3 200 012.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 3 KB
3 KB 40ms
38ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/012.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45d03ff33fe1bd90513cf3b7a8e123f31af87b4d65a5c89df1ad123419e8ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:51:38 GMT
x-content-type-options: nosniff
age: 441150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3486
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jun 2024 16:51:38 GMT

GET
H3 200 011.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 8 KB
8 KB 41ms
39ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/011.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068f24d1abb0bf692cd410460e6d8f945b4108331767643f6e42f82cce6dd05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:02:46 GMT
x-content-type-options: nosniff
age: 1282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8085
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 19:02:46 GMT

GET
H3 200 010.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 8 KB
8 KB 70ms
67ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/010.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42815f2030189f2060209b66ab4ca47562c6b67a741c30b1e67fcf35fcdf1501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:02:46 GMT
x-content-type-options: nosniff
age: 1282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8470
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 19:02:46 GMT

GET
H3 200 009.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 6 KB
6 KB 57ms
54ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/009.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205caa5601ec03fa5cd64f5f9d9b23713dd7de78d65300b8ce68d06d38c8ccc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 09:33:16 GMT
x-content-type-options: nosniff
age: 35452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6546
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 09:33:16 GMT

GET
H3 200 008.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 7 KB
7 KB 34ms
31ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/008.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d036cea8493bf03ff93721f9d334fa67a049120aa50888f8ae871db5d2614e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 08:58:02 GMT
x-content-type-options: nosniff
age: 555966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7305
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 08:58:02 GMT

GET
H3 200 007.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 5 KB
5 KB 69ms
67ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/007.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47bb111c78f7a957bc39bc54cbb5058e3ca4b97634c3e84b5c2892c65d00374f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 08:58:02 GMT
x-content-type-options: nosniff
age: 555966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 08:58:02 GMT

GET
H3 200 006.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 9 KB
9 KB 65ms
63ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/006.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7c7aea5e66f97d56de45153918a395e7dec453b67bb41906dd88360b295d721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 20:22:22 GMT
x-content-type-options: nosniff
age: 601306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jun 2024 20:22:22 GMT

GET
H3 200 005.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 6 KB
6 KB 67ms
64ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/005.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce3a63892b2be1c5235d44402eec7d5cc8976b8795328ebdbe316293236d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 20:22:22 GMT
x-content-type-options: nosniff
age: 601306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5728
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jun 2024 20:22:22 GMT

GET
H3 200 004.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 8 KB
8 KB 58ms
56ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/004.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dd6d406d6cbab3e6120773b26cc41faba5ec156febe0de87e8311666fb17523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 04:45:06 GMT
x-content-type-options: nosniff
age: 52742
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8453
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 04:45:06 GMT

GET
H3 200 003.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 7 KB
7 KB 63ms
60ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/003.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

814f5610ae11e4bb74149a1953e8103a1af2eb8f1de18b40ebbb46ded50d3a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 09:33:16 GMT
x-content-type-options: nosniff
age: 35452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6657
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 09:33:16 GMT

GET
H3 200 002.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 7 KB
7 KB 53ms
51ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/002.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec85c98e4e57b32296c83f3ab37e6efff778eef70f0f810368df6ac18b16432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 21:08:37 GMT
x-content-type-options: nosniff
age: 339331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7463
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jun 2024 21:08:37 GMT

GET
H3 200 001.png
s0.2mdn.net/sadbundle/8894407447637131264/ Frame 4DB2 4 KB
4 KB 61ms
59ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8894407447637131264/001.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a83472a9f61553d6216435f711bfc6a5d4db3c15d91e1595d38bb3363aed0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8894407447637131264/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 08:58:02 GMT
x-content-type-options: nosniff
age: 555966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4200
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 17:58:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 08:58:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A65A 17 KB
6 KB 421ms
421ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 19:24:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 425ms
424ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 19:24:08 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame 79C9 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 07:34:18 GMT
etag: 12368291122986407432
expires: Sat, 15 Jul 2023 07:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 32ms
32ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.logan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B65 0
16 B 32ms
31ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&adk=1812271804&adf=3025194257&lmt=1687887119&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.logan.com%2F&ea=0&pra=7&wgl=1&dt=1688239448561&bpp=2&bdt=1513&idt=2&shv=r20230627&mjsv=m202306270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70902a370ca90474-2245681e79e2003c%3AT%3D1688239447%3ART%3D1688239447%3AS%3DALNI_MbIglQxCdZwQ2rwxJyOnVjpmoDZNw&gpic=UID%3D00000c89da659f8f%3AT%3D1688239447%3ART%3D1688239447%3AS%3DALNI_MaY_WSzN9OPHiU6qYCbkLxvkOPe8g&prev_slotnames=9740388826&nras=1&correlator=1277866689095&frm=20&pv=1&ga_vid=1943086700.1688239447&ga_sid=1688239447&ga_hid=1729549074&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&oid=2&psts=ABnkTfBeGqPMHqsZHZYcRcmzAGuj0mQSvmxST2t52Q4x3lRsFydohNfg1I6NZudxUMUqFQmM-N4VfHuBvQZm9dJ4I_3HrsI&pvsid=852683839034567&tmod=981483365&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202306230101&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 19:24:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame CCAE 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:54:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E8C 13 KB
5 KB 25ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 18:09:38 GMT
expires: Sun, 30 Jun 2024 18:09:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4670 783 B
1 KB 89ms
35ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7504ff51c788388a07d66e61ac37b4c037807b582a67c4044913822ac4f101a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YdqPaL5zy_7V6yTvvwQHoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-YdqPaL5zy_7V6yTvvwQHoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 19:24:09 GMT
expires: Sat, 01 Jul 2023 19:24:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E8C 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:54:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4670 0
0 55ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=852683839034567&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9E8C 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gYckAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:24:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A65A 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-zoLi7edzXZlpoAzslWS1a6XUYxgrzc6kpt6tMBQEjOhmjrPKqfOAifgZO5jlVch2g-EI7QBfgJgWN57zYEtoz1EVZWqMOnBa2hVc6Mm9GoNEkyJV9tI_bamicA-vwuZAbfJvCIFlsD0y&sai=AMfl-YRybxbaMUaV6ihXCmcrcSoikUTLRp5HOdc7rOKjrwccQgNrObYxUoN1-Y3_cDwlp2ckF3oHhGrINpJN&sig=Cg0ArKJSzM5s6Ba8HGgnEAE&cid=CAQSGwBygQiDb3F9AZIs8sghgrcXjYqi7lkcRCknHBgB&id=lidar2&mcvt=1000&p=0,119,40,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1223337143&rs=2&la=0&cr=0&vs=4&r=v&rst=1688239447464&rpt=654&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A65A 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5671004984171&version=m202301230201&ct=119&x=1&cor=16975909793905666000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5359790986991748&su=www.logan.com&eid=44759876%2C44759927%2C44759842%2C31075721%2C44788442%2C44789820&doc=complete&pg_h=1184&pg_w=1600&pg_hs=1200&c=1&aa_c=0&av_h=600&av_w=160&av_a=96000&b=571&all_b=571&d=0.507&all_d=0.507&ard=0.051&all_ard=0.051&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 19:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=852683839034567&bg=!hoWlhdHNAAb90kgr3dI7ADkAdvg8Wj_KFPry7Y2Bv4XIHmOBkErwkgjcaP7jtNGgaj8b1JcTpM3af5zyLVIHxxd95-bg8vlUgykCAAAAeFIAAAAnaAEHCgA5twJcUhdi6fJALE5AiFntXzYi8SlAksvhhmv45KK8oo6EJNXg-jGzhoqg08crubAHp99zDgRiP2stmQKcnTKgmxoetCP2lHgP57uj0Cv-bI2u8GH_OhvJZko3RMJXUKeaRjoa562JTEmfGZQgDpn7rPDmmK3kcK2tJtqosZxsTo7BTxHCP6cUarFLBse2MK93_UsKprVCKPpNVNg6c0DzO6_z05l5mpN0JZpHCKYp5JMxJy2mXjZ3VCXoqki-UgEmNv0bRDY-Tz8Au-tWrYEi9UXcGAZqZnFZzYlSZa3LbwB3IK1kcEmUMBf7f9DEZb1UNF4SXv8ghqcRemClRjxmfpZNkMCpKpoSW48kc_ADOKLBloJMAJ1GNghpaiM5ih9ep55UF5SjCNfmoD2l-l2Aojdvauzf14WTzl1cfdM4vYtgkaV6itTi_yVTkQW-QfKQdiVMm_Ev8YD8wIHHICljObi2yVEXn66iva4Gkg93b5kORwEMkHdsxdcZ0nBpJAJWAZRtdt7h1QsLb_AmDGO5YFFrKA2IE6cpicWdAEqVPm9k2Q5CmrBxMDe23q_hsp3AEdDJvrZobOw-WWC3CtvJsjNPrUGJn69-sY08T0E_vFvYE_KzP-7tGXt20fz8eeBu8cRgCIbWzgMGPlswT3GAxR68DFnpegAzBYp8b2-AWUop72u5-ssbL1MTZqEZM7fFU59ec3Gz0A3xZZpqLezXzQHmc7NiswaaZvoVvSGLqzRoCLULLZbkvPWJDxVgP1Un0TF3UnRpWxTlauvJFl-1YReaJFpT0b4jWFW2NTuDuLy2HkSHVOG-ElrRhXR4X8nUdRO0017pIuWM3iVDhyz_TTNEWN5o-NjmLUXs4x5ase6dUOqy_Au2W-odiI-wSkeKDQDUNJ9PMI3FMEBbOZERx8LLb_t69agY7ucGAcDN6YJRGon61lBxxAmkpIAa2yt1NXgYA_tfDKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.logan.com/	1970-01-20 22:18:55	Name: __gads Value: ID=70902a370ca90474-2245681e79e2003c:T=1688239447:RT=1688239447:S=ALNI_MbIglQxCdZwQ2rwxJyOnVjpmoDZNw
.logan.com/	1970-01-20 22:18:55	Name: __gpi Value: UID=00000c89da659f8f:T=1688239447:RT=1688239447:S=ALNI_MaY_WSzN9OPHiU6qYCbkLxvkOPe8g
.doubleclick.net/	1970-01-20 22:18:55	Name: IDE Value: AHWqTUlG3XJ4aqeEGGo54qgBYP7Ae-8MRctuA3L17O7cGPEFjDxK13UlN_MxH0cW
.casalemedia.com/	1970-01-20 21:42:55	Name: CMID Value: ZKB9V2rtYtMN723xHCXw.QAA
.casalemedia.com/	1970-01-20 15:06:55	Name: CMPS Value: 3329
.casalemedia.com/	1970-01-20 15:06:55	Name: CMPRO Value: 3329
.adnxs.com/	1970-01-20 15:06:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVHGa(yw!@wnfH8K6pQK`!5=E<L5>xh25?P>CeTSHdds`OEfnUUp/Zq16@Xr$emiNf%nugO%v4VB%nnDa*-@QZ
.adnxs.com/	1970-01-20 15:06:55	Name: uuid2 Value: 4822779166890175501

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.logan.com
142.250.185.194
142.250.185.98
185.80.39.216
185.89.210.90
207.170.160.160
2a00:1450:4001:803::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
068f24d1abb0bf692cd410460e6d8f945b4108331767643f6e42f82cce6dd05a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd6d406d6cbab3e6120773b26cc41faba5ec156febe0de87e8311666fb17523
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18212b4ad0b20b87ea6803d7c6a09c2c557a9eb6202005495f9be47c345b4360
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c29b51107b1ba66823d4ef9250723093dd31a2539a91c89e27d613c4ae8b98d
205caa5601ec03fa5cd64f5f9d9b23713dd7de78d65300b8ce68d06d38c8ccc6
268324a8065a779103a974a2718c6bc56642a1c0d9a617ab66e8838b95869e39
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3c0f01704224e347503559fd6a9f4109d64b6d91c0e78de45634cf75c5367c24
3ec85c98e4e57b32296c83f3ab37e6efff778eef70f0f810368df6ac18b16432
42815f2030189f2060209b66ab4ca47562c6b67a741c30b1e67fcf35fcdf1501
43ea6f95e40184fbc8bb22959759067f97a8d9bcfadcea3e86009db45ce22cf6
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
47bb111c78f7a957bc39bc54cbb5058e3ca4b97634c3e84b5c2892c65d00374f
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
59d036cea8493bf03ff93721f9d334fa67a049120aa50888f8ae871db5d2614e
5a83472a9f61553d6216435f711bfc6a5d4db3c15d91e1595d38bb3363aed0cc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7569b47a2167f78a6cece4068cb90bc4d07fb04b5864bdfe98ae81d103c6c180
7e7fd98390075d344bf882ef32c63373f2f2367c28bebed791d4fb6eb9bb727b
814f5610ae11e4bb74149a1953e8103a1af2eb8f1de18b40ebbb46ded50d3a61
8c1fa6ae6a469a817e7ce01854a947cdaa5eca658705c63bcee7eff7161cb4d0
8fe2d967b5cd2a199365c54a9b08958eef7204ea4b8b416977ab37b42c346f4c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af6b89efadeadd718412ad6ec97b602168b65fc0a3d5c54db32627aa8dc455
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19755824312d35a804bd4b61df59be0fb2de7854589165323204008189bcb11
b970b59e603a057ecf635e0cdacde4ec925bec6263739427c7a6e60cbbeb46d1
bd75911a383a9031d29e012ced5c0a6713c8efe58b988ba068a5e487f2657e34
c63cfbe2fd38eaf6fb766e4fe592c4db9c6473bf0db3155c2c26bd4232e25748
c7504ff51c788388a07d66e61ac37b4c037807b582a67c4044913822ac4f101a
c7fb8c98011b0e72879caf864e12914c98bb176551de70e4b0b8bf99a0640d9c
c993230df516fe974d7e4d3063ea1ad390305a145274174ae7ef17aedc779433
c9ce3a63892b2be1c5235d44402eec7d5cc8976b8795328ebdbe316293236d19
d9e08e7d2f483bb7d72abb01cb18bad2e2f1a9371d3c93852983f9ede6277dd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c7aea5e66f97d56de45153918a395e7dec453b67bb41906dd88360b295d721
e83c4377041ada9de0f19fd373783b498dbf4705854acdc85a6f2ffe10f39e70
ebb4aea81ad96ff8991b66d06de8d8510baf66bea95d26eeb1888dcfdfb06ac5
ee1bb0af29a72ca534e9a253f63dacbabdabd2ebfca7538bd49566e2d9956231
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45d03ff33fe1bd90513cf3b7a8e123f31af87b4d65a5c89df1ad123419e8ecb
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

www.logan.com Open in urlscan Pro 207.170.160.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

91 %HTTPS

62 %IPv6

9 Domains

13 Subdomains

14 IPs

3 Countries

682 kBTransfer

1891 kBSize

8 Cookies

62 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.logan.com Open in urlscan Pro
207.170.160.160 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

91 %
HTTPS

62 %
IPv6

9
Domains

13
Subdomains

14
IPs

3
Countries

682 kB
Transfer

1891 kB
Size

8
Cookies

69 HTTP transactions
1 data transactions