urlscan.io logo urlscan.io
SecurityTrails logo

www.getit01.com Open in urlscan Pro
123.176.98.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.getit01.com/
Effective URL: https://www.getit01.com/
Submission: On December 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 9 countries across 25 domains to perform 181 HTTP transactions. The main IP is 123.176.98.192, located in Hong Kong and belongs to LAYER-AS Layerstack Limited, HK. The main domain is www.getit01.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on December 12th 2022. Valid for: a year.
This is the only time www.getit01.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 123.176.98.192 133380 (LAYER-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
15 192.0.77.2 2635 (AUTOMATTIC)
29 2a00:1450:400... 15169 (GOOGLE)
1 240e:933:c005... 4134 (CHINANET-...)
1 104.64.162.56 16625 (AKAMAI-AS)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 18 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 172.217.16.130 15169 (GOOGLE)
4 13 142.250.186.66 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 185.89.210.90 29990 (ASN-APPNEX)
1 3 2a00:1450:400... 15169 (GOOGLE)
6 2001:4860:480... 15169 (GOOGLE)
1 74.125.206.154 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 3.121.34.204 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.2.49 54113 (FASTLY)
1 3.67.231.56 16509 (AMAZON-02)
2 2 213.155.156.165 1299 (TWELVE99 ...)
2 2 37.157.3.20 198622 (ADFORM)
1 142.250.185.66 15169 (GOOGLE)
181 31
14    123.176.98.192 (Hong Kong)

ASN133380 (LAYER-AS Layerstack Limited, HK)
PTR: 123.176.98.192.layerdns.cloud
www.getit01.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i1.wp.com
29    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    240e:933:c005:2:3::3c9 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
s13.cnzz.com
1    104.64.162.56 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-162-56.deploy.static.akamaitechnologies.com
s7.addthis.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
18    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
32    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
13    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400e:8::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-5hneknee.c.2mdn.net
9    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    3.121.34.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.67.231.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-231-56.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
62 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
683 KB
32 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
262 KB
20 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
189 KB
15 wp.com
i1.wp.com — Cisco Umbrella Rank: 8200
560 KB
14 getit01.com
www.getit01.com
93 KB
12 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r1---sn-5hneknee.c.2mdn.net — Cisco Umbrella Rank: 408431
s0.2mdn.net — Cisco Umbrella Rank: 300
7 MB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
139 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
321 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
3 google.com
www.google.com — Cisco Umbrella Rank: 2
816 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
653 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
147 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
545 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3351
361 B
1 cnzz.com
s13.cnzz.com — Cisco Umbrella Rank: 293925
377 B
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3086
7 KB
181 25
Domain Requested by
32 tpc.googlesyndication.com googleads.g.doubleclick.net
www.getit01.com
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
29 pagead2.googlesyndication.com www.getit01.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
18 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.getit01.com
googleads.g.doubleclick.net
15 i1.wp.com www.getit01.com
14 www.getit01.com 1 redirects www.getit01.com
10 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
9 s0.2mdn.net www.getit01.com
s0.2mdn.net
9 www.gstatic.com googleads.g.doubleclick.net
www.getit01.com
6 csi.gstatic.com imasdk.googleapis.com
5 fonts.gstatic.com fonts.googleapis.com
5 www.googletagservices.com googleads.g.doubleclick.net
www.getit01.com
5 fonts.googleapis.com googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.googleadservices.com www.getit01.com
3 googleads4.g.doubleclick.net www.getit01.com
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 c1.adform.net 2 redirects
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 r1---sn-5hneknee.c.2mdn.net www.getit01.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.getit01.com
connect.facebook.net
2 www.googletagmanager.com www.getit01.com
www.googletagmanager.com
1 ade.googlesyndication.com
1 x.bidswitch.net googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com www.getit01.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 s7.addthis.com www.getit01.com
1 s13.cnzz.com www.getit01.com
1 netdna.bootstrapcdn.com www.getit01.com
181 38

This site contains no links.

Subject Issuer Validity Valid
getit01.com
TrustAsia TLS RSA CA		 2022-12-12 -
2023-12-24		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-01-28 -
2024-02-29		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-20 -
2023-12-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-11-14 -
2024-01-23		 2 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 24 frames:

Primary Page: https://www.getit01.com/
Frame ID: 79298C63D03B142B821FB5860BED9AA8
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 32624A492D857CDFABE50F4A23253182
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&adk=1812271804&adf=3025194257&lmt=1702401047&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047579&bpp=11&bdt=751&idt=371&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4835875188330&frm=20&pv=2&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=382
Frame ID: 95414D343AA27D7BEC7EC9DC2C18C5CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Frame ID: BAEC06905B0E131A1B929AA99EFCBD1A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Frame ID: 2D7D9D0C16122040476FD855C9380889
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F35407D654940655186339D4E9DE41DD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 370B19FE9CAEAF955AA745126C8FC24E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D13FC3CED4247ECF0FC568F710027C06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 86293AFF09FC8BE4C5F694920E56D73C
Requests: 29 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: B4320B6D1BD0472C9E6B4C49944FD8C4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGO3NhPMBMAE&v=APEucNUzBCO4YP1BOFHDDamoGSnObHvq8MXm2L_SAVXTdnSo8PAgSqK2jAjDOb6nRpLY2PvkRtc96f-9kK9MJNQ5fHqSVpy1KrsZvA5TlepWu42z7dP2DU4tsDdmS17BlVKJhAZLbQqlwfNc4FGnbVIj9Efu6gNPGUaVuUfuA0PR1kBeUYJ-NCM
Frame ID: 45168F65C81464F2DE573ABA72F7A9C7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1BA201C9EAF7BF7F05AE838C58339F30
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 18CCDACCBACF3FFA49AA7CE5BE1F5356
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: ADE79F6934017278CDFF62D06018AA80
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B5429C1EB6A6F9A71BEBEA9AB990E96
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 76B8F76433AC1494FC0A7BCC2AC813AA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: A63E7225F30D1254BABCE5A4E9B74CBD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9E75A7D08D1AFF8ADD925CBC178F3A24
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DADB7BEF3528775DA12167412F46162
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DBAFEB49FDAC95AB6BB9E3CEB2223115
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
Frame ID: A68C0439B90F0EE6955F824D98985EFA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: CD0CB16D6008FE7EC443C174A0658368
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 864971CC13CE6905E448E2F6A0593D1E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46E69500622F81D77C7ADA11665CEB5C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GetIt01 - 一點新知

Page URL History Show full URLs

  1. http://www.getit01.com/ HTTP 301
    https://www.getit01.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

93 %
HTTPS

60 %
IPv6

25
Domains

38
Subdomains

31
IPs

9
Countries

9802 kB
Transfer

13475 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.getit01.com/ HTTP 301
    https://www.getit01.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CE_TxGJR4Zf1l2pHv9Q_Pl6vQC8W08Y1007HG35ISkq7rh6tBEAEgq4upYGCV4pCCoAegAaT2k-ECyAEJqQJxVPzHsBuyPqgDAcgDywSqBOUBT9BAvIP1P2TMANzWtVNXmDsonYhAAJbB5e9gTwd5aFX5x2sDtt2FdrAnXJ6iFhEgG7CPFR2A_Q9RdXSt9Hx-o7qJGAzTWLQa4NlVLkRLs9yM8BfCRK2jxS6wm8bgbjzzsoFQpL_y_ZVWU6z6TcXO6mf29m1ru5RVanNkfKmDfRqz3UFt1poXVSRKmIESUgwu-wzKe8XX57hgzwpck20V3acuyZmUsAHGD9wXVTqXbSojECsDaeiX3Yxl72WOKlBhQRYmk3gj9Q5NFdd2_VYix-6dSGhGRnzElefbraVCL0shcqLnBMAEnq2crL4EiAWokpurTZIFBAgEGAGSBQQIBRgEoAYugAfEieyeAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPr5StIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYorLtjbKKgwOaCSFodHRwczovL2xwLnNjb3BldmlzaW8uY29tL2N1dDIwMjSACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMTc3NjIyNDc4MDU2NjU5MhgAshgDIgEA&sigh=SrwPqkL1TnY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNQDP75xuvwV4SYzXocQwJVRHjP7cqBhYi9FXKkACyh2kpYmg28pidu8nlsxSjh_TJVwQcbZHeG73zesWhoQTOGcKOOpsVP612DhgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210655229275339522239%22,%22debug_reporting%22:true,%22destination%22:%22https://scopevisio.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22740621092%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221361213122003367121%22}&andc=true
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECfvwD_I9rViRYgBt8fOsLw&google_cver=1
Request Chain 96
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXiUGe9utrr9ey5fbg8zfwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlD5df-q5L6rLjsAp1kejc&google_cver=1
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFQuIQymrKddHpV1lM5_COA&google_cver=1
Request Chain 98
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3OTQxMzQ3MjcyNjgxNTA5Mw%3D%3D
Request Chain 99
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 115
  • https://gcdn.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B20A4A1743C7E2475B593B5BBEF778EC31935C97.387AA40B10C2D2641AB6AB9282C00358B458885F/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-5hneknee.c.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C9B93BEFF672281547A6B3CF8A5F51EF67E75CA.815ECCB033C03452E1E59406AB08AAC3F0E4A307/key/cms1/cms_redirect/yes/mh/V3/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hneknee/ms/onc/mt/1702400692/mv/m/mvi/1/pl/48/file/file.mp4
Request Chain 137
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECZTEjSVDO8PY0-DgzPXZWk&google_cver=1&google_push=AXcoOmRUl1RyF4cqMKKTXpyDRzSwpFtDhQVGp7-z1cS_R5ddETYl1MNbe8VGh8S2QnQUGn1mUY9EM7YAg8tj-q235nVvbtfKn9YdFl0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYxODEyNzkxMjI3NzA2NzM3Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZTEjSVDO8PY0-DgzPXZWk&google_cver=1
Request Chain 138
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&google_cver=1&google_push=AXcoOmQXVlp7fQnCIHbRdmMqqvJpCLDEBbt6Yi48OPVqJD7QqAbt3uG-qAOW49ao25MA6nXTjBQjukp8t_5HZokTWOldN1EykjUVoA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&google_cver=1&google_push=AXcoOmQXVlp7fQnCIHbRdmMqqvJpCLDEBbt6Yi48OPVqJD7QqAbt3uG-qAOW49ao25MA6nXTjBQjukp8t_5HZokTWOldN1EykjUVoA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFVMZVdGc3UxUmQ2aHI1&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&google_cver=1&google_push=AXcoOmQXVlp7fQnCIHbRdmMqqvJpCLDEBbt6Yi48OPVqJD7QqAbt3uG-qAOW49ao25MA6nXTjBQjukp8t_5HZokTWOldN1EykjUVoA
Request Chain 139
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKLsh8Xr5WCQWbFOSPxzB24&google_cver=1&google_push=AXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKLsh8Xr5WCQWbFOSPxzB24&google_cver=1&google_push=AXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 140
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIweyFRuV8Zd1DHIZRMUYSg&google_cver=1&google_push=AXcoOmRixdyVP8WUvgy3uuF3aSuQwGcDc0Hucyfw3EZ7hUXSPcY78tzppFAoeODa7JJMC0HCqrqYMMWN62EAnBRpmz9SbziEPl6CTE0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIweyFRuV8Zd1DHIZRMUYSg&google_push=AXcoOmRixdyVP8WUvgy3uuF3aSuQwGcDc0Hucyfw3EZ7hUXSPcY78tzppFAoeODa7JJMC0HCqrqYMMWN62EAnBRpmz9SbziEPl6CTE0
Request Chain 142
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJbH3LTW0GVaaXqcdtoZILw&google_cver=1&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVxPbp1t4SeKs HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJbH3LTW0GVaaXqcdtoZILw&google_cver=1&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVxPbp1t4SeKs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVxPbp1t4SeKs
Request Chain 143
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAiIkTmeh-Bnmy34dHLGmOU&google_cver=1&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_eJzDsCvZ5WmqJG-Ze_-ORiXRgEjo HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAiIkTmeh-Bnmy34dHLGmOU&google_cver=1&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_eJzDsCvZ5WmqJG-Ze_-ORiXRgEjo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY3MDExMTEzNDIxNDUxMTg0NQ&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_eJzDsCvZ5WmqJG-Ze_-ORiXRgEjo
Request Chain 151
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C_jesGJR4ZaKDNdq-9u8P68mU4Abn_6LZdJ2tm8brD_mGl9mEMBABIKuLqWBgleKQgqAHoAGHyOeJA8gBCakCcVT8x7Absj6oAwHIA8sEqgTtAU_Q5uHrWJckPjkXtF4hYA8GpELxjxw0RkdYWCl2n70_VRP4y2bmCIMb7MzNNaBqzrdygzrgwRz_GQllWuAw3lnHsRPv12v0R5o8a9ELQKLsD3SuSPjBfyKB9QpQVJQdGhIj4GTFbdoAeBIifnee864i2qPHM65P8XqI2jKUIMKpFuA-s_8s3li8xSeuHgS7mpBTmd1wSsvSDmb-X7UKCJgSgXaK56T_i7YUYquNPa1DmP3OL4KTM2ldCVBw1lN0QXtdO3X-YMWupYtMfHgZG0w83XrpRKYk87OUTkZL1WyY2-gXSJxoBwf-w1W1W8AEt-varPoDiAWi-8bbA5IFBAgEGAGSBQQIBRgEoAYugAfht5h2qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ_rYC0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljzzKGOsoqDA5oJswFodHRwczovL3d3dy5sZWJlbnNmcmV1bmRlLmRlL3NmdmMvaW5ib3VuZGxpbmtzL0FEQjMxOFo_QUJCWj0xNTMwNSZBRkJaPTBlZDM3MmViMWM5NjJhYWY4ZDZkZThhNTVjOWFjMzAxZTkzN2QxNTJfJmQ9ZCNpYmwtQUJCMTUzMDVaQURDMVpBRkIwZWQzNzJlYjFjOTYyYWFmOGQ2ZGU4YTU1YzlhYzMwMWU5MzdkMTUyWoAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTE3NzYyMjQ3ODA1NjY1OTIYAA&sigh=J-Ad_6EK5IQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaN9vJGuMOpb8AvdEle4YSvIxCcBVboC39eWPWzqpuCciDOnpTdAnVjxUXMc4sGfNWIuLoEJcX2GAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216967630963283347539%22,%22debug_reporting%22:true,%22destination%22:%22https://lebensfreunde.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22825877511%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227210861718808244769%22}&andc=true

181 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.getit01.com/
Redirect Chain
  • http://www.getit01.com/
  • https://www.getit01.com/
58 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
958108fcbd4baf9d9784be557498c279537510f5c554e3ce97631fc28d37dc74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 17:10:46 GMT
link
<https://www.getit01.com/wp-json/>; rel="https://api.w.org/"
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 12 Dec 2023 17:10:45 GMT
Location
https://www.getit01.com/
Server
nginx
Strict-Transport-Security
max-age=31536000
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
565, 617, 617
age
2545902
cdn-cachedat
2021-06-08 19:04:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d96a1e5cbf4285f72ddb69d1eee51353
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8347952f0c0b9b95-FRA
cdn-requestpullsuccess
True
kube.css
www.getit01.com/wp-content/themes/Qu/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/wp-content/themes/Qu/css/kube.css?ver=4.8.22
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
07f3dd5ec4c8ae1afa899d7b35a2795cfb0919cfd400e304aa1379881a7469fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:46 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
W/"5f81be92-3f4d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 13 Dec 2023 05:10:46 GMT
style.css
www.getit01.com/wp-content/themes/Qu/ 		35 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/wp-content/themes/Qu/style.css?ver=20150910
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
ee863978ac471046a74113d8fb754d19d52cef822179b2f9df9f173e8f9f0375
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:46 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 16 Apr 2022 12:10:46 GMT
server
nginx
etag
W/"625ab246-8a73"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 13 Dec 2023 05:10:46 GMT
addthis_wordpress_public.min.css
www.getit01.com/wp-content/plugins/addthis/frontend/build/ 		587 B
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=4.8.22
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:46 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10 Oct 2020 18:14:18 GMT
server
nginx
etag
"5f81f9fa-24b"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
587
expires
Wed, 13 Dec 2023 05:10:46 GMT
jquery.min.js
www.getit01.com/wp-content/themes/Qu/js/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/wp-content/themes/Qu/js/jquery.min.js?ver=4.8.22
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:46 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
W/"5f81be92-17278"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 13 Dec 2023 05:10:46 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109930472-1
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06011611d00820a5c704f3650ade035e47b50a8ad7bf5afa4952dc79425e362e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68995
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 17:10:47 GMT
logo.png
www.getit01.com/wp-content/themes/Qu/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getit01.com/wp-content/themes/Qu/images/logo.png
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
dae079037d3294884550accb1527bc1326fdcf5f0a1f662664b39934d2dca8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:46 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
"5f81be92-1f7a"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8058
expires
Thu, 11 Jan 2024 17:10:46 GMT
so.js
www.getit01.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/so.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:46 GMT
server
nginx
content-length
548
content-type
text/html
noimage.gif
www.getit01.com/wp-content/themes/Qu/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getit01.com/wp-content/themes/Qu/images/noimage.gif
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
c0c241a1b5c07a4e26d41b4d88b6215765f089d0d6c08c005a1d36f101d35dff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
"5f81be92-1700"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5888
expires
Thu, 11 Jan 2024 17:10:47 GMT
v2-88158afcff1e7f4b8b00a1ba81171b61_720w.png
i1.wp.com/pic4.zhimg.com/80/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/80/v2-88158afcff1e7f4b8b00a1ba81171b61_720w.png
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4aae8284254ffeb76910654a64252664661ac9424a668f04580ceb013db4ef0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3708
x-nc
HIT hhn 3
last-modified
Tue, 28 Feb 2023 05:40:05 GMT
server
nginx
etag
"50517ea91aafa858"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/80/v2-88158afcff1e7f4b8b00a1ba81171b61_720w.png>; rel="canonical"
expires
Thu, 27 Feb 2025 17:40:05 GMT
v2-5601da81f57e3aae370397f5f9a4bf29_hd.jpg
i1.wp.com/pic4.zhimg.com/50/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/50/v2-5601da81f57e3aae370397f5f9a4bf29_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
16327202b6c6f02d8a16fee2fb2d2dfcd648d6a608b2981a70b09dfb1830c92c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
14676
x-nc
HIT hhn 4
last-modified
Sun, 07 May 2023 04:42:54 GMT
server
nginx
etag
"f24e1763396cb215"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/50/v2-5601da81f57e3aae370397f5f9a4bf29_hd.jpg>; rel="canonical"
expires
Tue, 06 May 2025 16:42:54 GMT
v2-9035c574e0f604bc44329cf45c5b319e_hd.jpg
i1.wp.com/pic1.zhimg.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic1.zhimg.com/v2-9035c574e0f604bc44329cf45c5b319e_hd.jpg?source=b555e01d
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
637db62ae229b0d1da6d1460f13487d73d610f0ff386f134c8238412b7f14560
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
10960
x-nc
HIT hhn 3
last-modified
Wed, 03 May 2023 10:05:07 GMT
server
nginx
etag
"66475a71b838ff45"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic1.zhimg.com/v2-9035c574e0f604bc44329cf45c5b319e_hd.jpg>; rel="canonical"
expires
Fri, 02 May 2025 22:05:07 GMT
v2-31283e0464de1d40dbae8cd66c804f45_hd.jpg
i1.wp.com/pic4.zhimg.com/50/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/50/v2-31283e0464de1d40dbae8cd66c804f45_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
36e443a6531661eee74751387a15ad11d2c2adfb0cc39e2e1efad33b3ff812bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
13644
x-nc
HIT hhn 2
last-modified
Mon, 04 Dec 2023 18:59:39 GMT
server
nginx
etag
"2bab488d7282fcb3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/50/v2-31283e0464de1d40dbae8cd66c804f45_hd.jpg>; rel="canonical"
expires
Thu, 04 Dec 2025 06:59:39 GMT
v2-840700d1cb9ad359d2447d9ced732c2b_hd.jpg
i1.wp.com/pic4.zhimg.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/v2-840700d1cb9ad359d2447d9ced732c2b_hd.jpg?source=b555e01d
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
5490cfb1d7225479587d6a10c5dd562df11a33f86ae4069b07bf380f4b93c8c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
13576
x-nc
HIT hhn 4
last-modified
Mon, 17 Apr 2023 10:02:48 GMT
server
nginx
etag
"061786d5ee58fb27"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/v2-840700d1cb9ad359d2447d9ced732c2b_hd.jpg>; rel="canonical"
expires
Wed, 16 Apr 2025 22:02:48 GMT
v2-6a4b518ed4cf4bb7f7e550d6ec387dcb_hd.jpg
i1.wp.com/pic1.zhimg.com/50/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic1.zhimg.com/50/v2-6a4b518ed4cf4bb7f7e550d6ec387dcb_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2704a686f90279cdf6fdf1bd628107b1413f1d378f3536c42ab1d9b56cbc4137
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
14306
x-nc
HIT hhn 3
last-modified
Sun, 10 Dec 2023 14:20:14 GMT
server
nginx
etag
"965896a3e640fb1f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic1.zhimg.com/50/v2-6a4b518ed4cf4bb7f7e550d6ec387dcb_hd.jpg>; rel="canonical"
expires
Wed, 10 Dec 2025 02:20:14 GMT
v2-904f96228f3e6e9751d1bca9ff3962aa_hd.jpg
i1.wp.com/pic2.zhimg.com/50/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic2.zhimg.com/50/v2-904f96228f3e6e9751d1bca9ff3962aa_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3829619de1d026e00874e51075a83a77e5d720e899f94b8b8dec91a4d2709080
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
12846
x-nc
HIT hhn 1
last-modified
Fri, 07 Jul 2023 07:57:42 GMT
server
nginx
etag
"1eb30725c9f8b067"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic2.zhimg.com/50/v2-904f96228f3e6e9751d1bca9ff3962aa_hd.jpg>; rel="canonical"
expires
Sun, 06 Jul 2025 19:57:42 GMT
v2-b7a32fdf3839e0094a95012e864a2e3d_hd.jpg
i1.wp.com/pic4.zhimg.com/50/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/50/v2-b7a32fdf3839e0094a95012e864a2e3d_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
bab6cdbe3f9186c374c133cec7c54fedba74e40f60094cf7931e38fd33634d3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
14232
x-nc
HIT hhn 3
last-modified
Tue, 04 Jul 2023 15:11:24 GMT
server
nginx
etag
"07c31417afe01df9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/50/v2-b7a32fdf3839e0094a95012e864a2e3d_hd.jpg>; rel="canonical"
expires
Fri, 04 Jul 2025 03:11:24 GMT
v2-eb4714b3109e260c187ff4bf3ff2f3c6_hd.jpg
i1.wp.com/pic4.zhimg.com/50/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/50/v2-eb4714b3109e260c187ff4bf3ff2f3c6_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e1b05523d353a769838e360e853c890de8a11c113b69c97adfeb12786735e156
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
15806
x-nc
HIT hhn 3
last-modified
Sun, 16 Jul 2023 13:17:35 GMT
server
nginx
etag
"7c129a655fff96d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/50/v2-eb4714b3109e260c187ff4bf3ff2f3c6_hd.jpg>; rel="canonical"
expires
Wed, 16 Jul 2025 01:17:35 GMT
v2-040eaa91142d9de6089723d3d400859e_b.jpg
i1.wp.com/pic3.zhimg.com/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic3.zhimg.com/v2-040eaa91142d9de6089723d3d400859e_b.jpg
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
5f4654a6d1a8063ecf29ca8d39f7ec925c01385c78ca42eeb951e69d282474b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
39488
x-nc
HIT hhn 4
last-modified
Fri, 01 Dec 2023 17:05:23 GMT
server
nginx
etag
"958d28766acf17f3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic3.zhimg.com/v2-040eaa91142d9de6089723d3d400859e_b.jpg>; rel="canonical"
expires
Mon, 01 Dec 2025 05:05:23 GMT
v2-7c8efdd0ab97894cf657c2a05e4c3da3_b.png
i1.wp.com/pic4.zhimg.com/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/v2-7c8efdd0ab97894cf657c2a05e4c3da3_b.png
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b46356818bde5ed6af112d5b8eec4a953847c0df37d9e7c394e2016c7eae8fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
258406
x-nc
HIT hhn 2
last-modified
Wed, 05 Jul 2023 14:28:32 GMT
server
nginx
etag
"d181715574d2312a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/v2-7c8efdd0ab97894cf657c2a05e4c3da3_b.png>; rel="canonical"
expires
Sat, 05 Jul 2025 02:28:32 GMT
v2-717527a22a1d4445c7f8dda8d78a0be2_hd.jpg
i1.wp.com/pic4.zhimg.com/50/ 		868 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/50/v2-717527a22a1d4445c7f8dda8d78a0be2_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
276407730311109fcc31c5c48fa275320652e6ea1f598d7cae3f81b2ea6d922a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
868
x-nc
HIT hhn 2
last-modified
Sun, 10 Dec 2023 14:20:14 GMT
server
nginx
etag
"c6b5f16d87af0b20"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/50/v2-717527a22a1d4445c7f8dda8d78a0be2_hd.jpg>; rel="canonical"
expires
Wed, 10 Dec 2025 02:20:14 GMT
v2-2891806f9d5d4fd2c4e54ab086327b46_hd.jpg
i1.wp.com/pic4.zhimg.com/50/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic4.zhimg.com/50/v2-2891806f9d5d4fd2c4e54ab086327b46_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a8ed036768def7ddd797babe1ce95d0891d0b80fb58132e413cb6d4bfd608171
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
23136
x-nc
HIT hhn 3
last-modified
Wed, 06 Dec 2023 02:07:48 GMT
server
nginx
etag
"334955baceddee9c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic4.zhimg.com/50/v2-2891806f9d5d4fd2c4e54ab086327b46_hd.jpg>; rel="canonical"
expires
Fri, 05 Dec 2025 14:07:48 GMT
v2-74f637a975c17dc958fbb0c70e0fee7e_b.jpg
i1.wp.com/pic3.zhimg.com/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic3.zhimg.com/v2-74f637a975c17dc958fbb0c70e0fee7e_b.jpg
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
1433149d007e2ccf80277cc021c4e0faa5a21268601c6fe8105c0d95c95be189
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
115712
x-nc
HIT hhn 1
last-modified
Sun, 10 Dec 2023 14:20:15 GMT
server
nginx
etag
"9494072bad3d1008"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic3.zhimg.com/v2-74f637a975c17dc958fbb0c70e0fee7e_b.jpg>; rel="canonical"
expires
Wed, 10 Dec 2025 02:20:15 GMT
v2-870163a524f059b5379ed285aea91c9e_hd.jpg
i1.wp.com/pic1.zhimg.com/50/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/pic1.zhimg.com/50/v2-870163a524f059b5379ed285aea91c9e_hd.jpg?source=1940ef5c
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
5baabf76701d464928746c561cde880c38bd8c1a3fbcde7acab7944ff1ab3fbc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
15074
x-nc
HIT hhn 4
last-modified
Sun, 10 Dec 2023 14:20:15 GMT
server
nginx
etag
"43453cc1ed56e1bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://pic1.zhimg.com/50/v2-870163a524f059b5379ed285aea91c9e_hd.jpg>; rel="canonical"
expires
Wed, 10 Dec 2025 02:20:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1776224780566592
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3146f3b2352790df1a16f92f3d50371b5e0cba579ab9ef3246ae2d17f1cdd89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Origin
https://www.getit01.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52070
x-xss-protection
0
server
cafe
etag
10268735813669309478
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:47 GMT
z_stat.php
s13.cnzz.com/ 		0
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s13.cnzz.com/z_stat.php?id=1270562218&web_id=1270562218
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:933:c005:2:3::3c9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:09:58 GMT
content-encoding
gzip
via
cache33.l2cn1836[0,0,200-0,H], cache46.l2cn1836[0,0], cache7.cn2530[14,14,200-0,M], cache22.cn2530[16,0]
server
Tengine
age
49
x-swift-cachetime
41
vary
accept-encoding
ali-swift-global-savetime
1702400998
x-cache
MISS TCP_REFRESH_MISS dirn:9:136879131
cache-control
public, max-age=90
x-swift-savetime
Tue, 12 Dec 2023 17:10:47 GMT
timing-allow-origin
*
content-length
20
eagleid
775436aa17024010478258278e
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=4.8.22
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.162.56 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-162-56.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 17:10:47 GMT
server
Oracle API Gateway
opc-request-id
/67A8F4BAFB969A996187D0D2C39A1A2D/B93B2E54A8B09D4928E042FA117C7F7B
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
loostrive.js
www.getit01.com/wp-content/themes/Qu/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/wp-content/themes/Qu/js/loostrive.js?ver=1.0
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
da9b72eef4c8c4c51316c51297bb8f9d1010fa8c0b9325c8bb7ba7dfc5a2cd60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
W/"5f81be92-1a1c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 13 Dec 2023 05:10:47 GMT
wp-embed.min.js
www.getit01.com/wp-includes/js/ 		1 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getit01.com/wp-includes/js/wp-embed.min.js?ver=4.8.22
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
c23627dccb22a7fff7141f0ffe282891eb02fb87d8a4a636ad08d7429e7e2103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 17 May 2023 03:27:28 GMT
server
nginx
etag
W/"646449a0-59e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 13 Dec 2023 05:10:47 GMT
sdk.js
connect.facebook.net/zh_TW/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c4eea0989cb261e33ed636725b1edf5612105084b3236ca4f0a8c613b764d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 17:10:47 GMT
content-md5
a/RjVdUozXxog2S1hDFX1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
gkNpUpCrnGxxO/SqOQuv/7X/lhliJiw5nwnbXn2r6L/jEEWi9WGNHbnGEC8DLeOFSQYiep0Q83GVq7yxjSoO2g==
x-fb-content-md5
5967a0ea50b055a0aa737ba719494304
cross-origin-opener-policy
same-origin-allow-popups
etag
"a840699682d202978f627db556724824"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:28:57 GMT
loading.gif
www.getit01.com/wp-content/themes/Qu/images/ 		701 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getit01.com/wp-content/themes/Qu/images/loading.gif
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/wp-content/themes/Qu/style.css?ver=20150910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
7c6380e9985c8e4982f41f8dba64d6b1c4a7997d0aa635d9f4bb7643ab815248
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/wp-content/themes/Qu/style.css?ver=20150910
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
"5f81be92-2bd"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
701
expires
Thu, 11 Jan 2024 17:10:47 GMT
icon.png
www.getit01.com/wp-content/themes/Qu/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getit01.com/wp-content/themes/Qu/images/icon.png
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/wp-content/themes/Qu/style.css?ver=20150910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
f8e743c54677670479b1454e4f8296bbf3013609dfb62c72ac190a09ec8940d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/wp-content/themes/Qu/style.css?ver=20150910
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
"5f81be92-1778"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6008
expires
Thu, 11 Jan 2024 17:10:47 GMT
info.png
www.getit01.com/wp-content/themes/Qu/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getit01.com/wp-content/themes/Qu/images/info.png
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/wp-content/themes/Qu/style.css?ver=20150910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
123.176.98.192 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.98.192.layerdns.cloud
Software
nginx /
Resource Hash
6139a3e5b026c5a5c2dab668a0560a8b33cc21676ff52d9ec8ca6c745199935b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/wp-content/themes/Qu/style.css?ver=20150910
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10 Oct 2020 14:00:50 GMT
server
nginx
etag
"5f81be92-d17"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3351
expires
Thu, 11 Jan 2024 17:10:47 GMT
sdk.js
connect.facebook.net/zh_TW/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=e6443d4b66ca580e03a4b9bc019a624b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eabd7d007c9370773dd2f7b346dbc22648d0de8fb5574f2190722049b1e894ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.getit01.com/
Origin
https://www.getit01.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 17:10:47 GMT
content-md5
UMsaIfYqRd/2naS3sOFDtQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88490
reporting-endpoints
x-fb-debug
ZXlhF7rMekzQx2PJkEmNuorffubwt6s0tP0jKRqd25Ja+oFODTcaOiTmP6Xldcr9aQQrbP7uf6nzXkz563eZGg==
x-fb-content-md5
f05381bda5840f1493212eb9df554d7d
cross-origin-opener-policy
same-origin-allow-popups
etag
"31afcd90e4c05d3bc4be6ae00c1feafb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Dec 2024 15:55:10 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-13XVBKN7TR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109930472-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f6a3edaded20129e09367da71770bdb24ff3479863f6169f9a801a63aaa1f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81254
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 17:10:47 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109930472-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 15:22:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6502
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 17:22:25 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1776224780566592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
220d76251785413e66fd2518a8b11654db8a96311f7a9be268fc51a824bfec0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137722
x-xss-protection
0
server
cafe
etag
13383229908797247613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:47 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 3262 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1776224780566592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64314
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Mon, 25 Dec 2023 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-13XVBKN7TR&gtm=45je3bt0v9119057709&_p=1702401047248&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=85407608.1702401048&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&ngs=1&_s=1&sid=1702401047&sct=1&seg=0&dl=https%3A%2F%2Fwww.getit01.com%2F&dt=GetIt01%20-%20%E4%B8%80%E9%BB%9E%E6%96%B0%E7%9F%A5&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2395
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-13XVBKN7TR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.getit01.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1847484540&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getit01.com%2F&ul=en-us&de=UTF-8&dt=GetIt01%20-%20%E4%B8%80%E9%BB%9E%E6%96%B0%E7%9F%A5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2094573198&gjid=2051259600&cid=85407608.1702401048&tid=UA-109930472-1&_gid=1538363989.1702401048&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=762779134
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.getit01.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.getit01.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9541 		531 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&adk=1812271804&adf=3025194257&lmt=1702401047&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047579&bpp=11&bdt=751&idt=371&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4835875188330&frm=20&pv=2&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=382
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e869d2bacf46b9b3b1d4be10693757facc924b5c6298aee9063bf5a553e3f2ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
98179
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:10:48 GMT
expires
Tue, 12 Dec 2023 17:10:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BAEC 		123 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4aafe3688c4843dc2892d2010d5819dad43fb5cf1c9dd8aa526709b895b167e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41638
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:10:48 GMT
expires
Tue, 12 Dec 2023 17:10:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame BAEC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 17:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 17:02:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 17:10:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BAEC 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54989
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10315812588957582099/ Frame BAEC 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10315812588957582099/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e8f16665887380a04f274dba338dcb75d131888b40ed4ab570a6cdc0c7add74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:34:30 GMT
x-content-type-options
nosniff
age
27378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58469
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 09:30:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:34:30 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3291396503604078505/ Frame BAEC 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3291396503604078505/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
340c40d9cb50207b8d3925599f0cf07710852495074ef3a7879cd8ac89ce09f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:27:30 GMT
x-content-type-options
nosniff
age
45798
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1315
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 05:55:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 04:27:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame BAEC 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
65431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BAEC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
10794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BAEC 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54989
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BAEC 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:48 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame BAEC 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80e6a177a8e2056826ef7da65272b7301cc0979c06fa59a9653cd2bdce8b72eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56003
x-xss-protection
0
server
cafe
etag
6740516889282731102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2D7D 		143 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49cbd25c48929842a5c78e328c32d169deb76a9cd9a97040f828cb561d982389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46872
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:10:49 GMT
expires
Tue, 12 Dec 2023 17:10:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BAEC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55952c11ba201be1e0b5f6830f3906ae0883ba9116d2824d38bdb32473a32176

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F354 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29750
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 08:54:58 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 08:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 370B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 08:54:58 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 08:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame D13F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 08:54:58 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 08:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8629 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 08:54:58 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 08:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame F354 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 16:18:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 17:10:49 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F354 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:46 GMT
x-content-type-options
nosniff
age
29763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 08:54:46 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F354 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:54:34 GMT
x-content-type-options
nosniff
age
51375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 02:54:34 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F354 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
54966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F354 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:16:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
53634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:16:55 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame B432 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:19 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame B432 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 07:10:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B432 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame B432 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 00:46:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B432 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
65432
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B432 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
10795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B432 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B432 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:49 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame B432 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4516 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGO3NhPMBMAE&v=APEucNUzBCO4YP1BOFHDDamoGSnObHvq8MXm2L_SAVXTdnSo8PAgSqK2jAjDOb6nRpLY2PvkRtc96f-9kK9MJNQ5fHqSVpy1KrsZvA5TlepWu42z7dP2DU4tsDdmS17BlVKJhAZLbQqlwfNc4FGnbVIj9Efu6gNPGUaVuUfuA0PR1kBeUYJ-NCM
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:10:49 GMT
expires
Tue, 12 Dec 2023 17:10:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1BA2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1BA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
10795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1BA2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1BA2 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BA2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-pa8VmupPH0DmyF2qlNP-sXkB5I82tuDrZAEnV0n_JB08hSWzLxksYRNWgq9wr9K9v208or_zlxLy9EWmVL--sn8QjR45Nd9w1Q3c7ZPHNQmWP_M
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8629 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
65432
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:00:17 GMT
css
fonts.googleapis.com/ Frame 8629 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:26:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 17:10:49 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 8629 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:05:54 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 8629 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 13:38:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8629 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAEC 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:10:14 GMT
x-content-type-options
nosniff
age
28835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAEC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options
nosniff
age
85366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:28:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame BAEC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CE_TxGJR4Zf1l2pHv9Q_Pl6vQC8W08Y1007HG35ISkq7rh6tBEAEgq4upYGCV4pCCoAegAaT2k-ECyAEJqQJxVPzHsBuyPqgDAcgDywSqBOUBT9BAvIP1P2TMANzWtVNXmDsonYhAAJbB5e9...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210655229275339522239%22,%22debug_reporting%22:true,%22destination%22:%22https://scopevisio.com%22,%22event_report_window%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210655229275339522239%22,%22debug_reporting%22:true,%22destination%22:%22https://scopevisio.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22740621092%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221361213122003367121%22}&andc=true
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"10655229275339522239","debug_reporting":true,"destination":"https://scopevisio.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["740621092"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"1361213122003367121"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:10:49 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10655229275339522239","debug_reporting":true,"destination":"https://scopevisio.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["740621092"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"1361213122003367121"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 18CC 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.668920456~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401047&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401047590&bpp=1&bdt=762&idt=375&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
101983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 12:51:06 GMT
css
fonts.googleapis.com/ Frame ADE7 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:22:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 17:10:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame ADE7 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame ADE7 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
65432
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:00:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3B54 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1945
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 16:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame ADE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
10795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame ADE7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ADE7 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:49 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame ADE7 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
rum
dsum-sec.casalemedia.com/ Frame 4516
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECfvwD_I9rViRYgBt8fOsLw&google_cver=1
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECfvwD_I9rViRYgBt8fOsLw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGO3NhPMBMAE&v=APEucNUzBCO4YP1BOFHDDamoGSnObHvq8MXm2L_SAVXTdnSo8PAgSqK2jAjDOb6nRpLY2PvkRtc96f-9kK9MJNQ5fHqSVpy1KrsZvA5TlepWu42z7dP2DU4tsDdmS17BlVKJhAZLbQqlwfNc4FGnbVIj9Efu6gNPGUaVuUfuA0PR1kBeUYJ-NCM
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frVlj0XoUoB0w4KU3ewCZedjW8bmd39kaUiuj1V0Qg1J4qNwfXDDOacQuIfHuRUFYCbaiyH7F%2BTjAjHIsgvZerlXf1P8aL5Wipck9bypGKQRQcbhrUKdd2lanMJKLkiFR1VH%2BB8X9uDDew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8347953e1c963a8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECfvwD_I9rViRYgBt8fOsLw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4516
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXiUGe9utrr9ey5fbg8zfwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlD5df-q5L6rLjsAp1kejc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlD5df-q5L6rLjsAp1kejc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGO3NhPMBMAE&v=APEucNUzBCO4YP1BOFHDDamoGSnObHvq8MXm2L_SAVXTdnSo8PAgSqK2jAjDOb6nRpLY2PvkRtc96f-9kK9MJNQ5fHqSVpy1KrsZvA5TlepWu42z7dP2DU4tsDdmS17BlVKJhAZLbQqlwfNc4FGnbVIj9Efu6gNPGUaVuUfuA0PR1kBeUYJ-NCM
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ir%2B7fBQiuJYbdo9SdCM6%2BWc85iMXUBHNCI4eHjhJso30a4NR8nJRVSpbj8wp2qmiKISOoF48JdZbkbn2zqElc6OTYLILbsFHR29U1xGMJNWMnR1mpLWYfCQLGX1I2uHLjg7RihlK3tZUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8347953e9b06bbbb-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlD5df-q5L6rLjsAp1kejc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4516
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFQuIQymrKddHpV1lM5_COA&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFQuIQymrKddHpV1lM5_COA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGO3NhPMBMAE&v=APEucNUzBCO4YP1BOFHDDamoGSnObHvq8MXm2L_SAVXTdnSo8PAgSqK2jAjDOb6nRpLY2PvkRtc96f-9kK9MJNQ5fHqSVpy1KrsZvA5TlepWu42z7dP2DU4tsDdmS17BlVKJhAZLbQqlwfNc4FGnbVIj9Efu6gNPGUaVuUfuA0PR1kBeUYJ-NCM
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
an-x-request-uuid
eb0db1e0-7664-4259-8625-dde7678c9e74
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.196; 185.213.155.196; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFQuIQymrKddHpV1lM5_COA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4516
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3OTQxMzQ3MjcyNjgxNTA5Mw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3OTQxMzQ3MjcyNjgxNTA5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGO3NhPMBMAE&v=APEucNUzBCO4YP1BOFHDDamoGSnObHvq8MXm2L_SAVXTdnSo8PAgSqK2jAjDOb6nRpLY2PvkRtc96f-9kK9MJNQ5fHqSVpy1KrsZvA5TlepWu42z7dP2DU4tsDdmS17BlVKJhAZLbQqlwfNc4FGnbVIj9Efu6gNPGUaVuUfuA0PR1kBeUYJ-NCM
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
an-x-request-uuid
92bb4109-8660-4dd8-aad9-d6540ca7c9c8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3OTQxMzQ3MjcyNjgxNTA5Mw%3D%3D
x-proxy-origin
185.213.155.196; 185.213.155.196; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3B54
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:10:49 GMT
expires
Tue, 12 Dec 2023 17:10:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:10:49 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210655229275339522239%22,%22debug_reporting%22:true,%22destination%22:%22https://scopevisio.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22740621092%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221361213122003367121%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 17:10:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5261561089566&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5261561089566&version=m202309260101&ct=119&x=1&cor=592067139324122000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1BA2 		90 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-OTpdNML8PaalkYisXN8ojT7LJfN7XUou7hH0YHEnDYESf4DGpV8-51zRVuFzNAUYxP9lQ2qKbmPtq5pZhpgOqLTT2SptU1iOib27h1aGCMulryOIYhQvWlRJPRwK76TMdPfRCpjvApjkVcpJ0UtikHWK7zb7OLKvR72gGA5XfGjdfUxC_Mklgm1-PUH2vCpQrzpE&cry=1&dbm_d=AKAmf-Bdc1o-HRpshCthOgThoFRFRU04-FxKJiIuJsnVGGccH21EueKwyZnV9K7KqdaDssbd7U2a0dUufl6iV9bGb-q831YoC2xSz4JoESX62866-AQzQ0anj4UiKZLXOKVXFrDJQInG4XiNUmcK-gDDNpL8YhzvzXIbVQHuQdQKNClRNffL2993Q4I9oRIjg52uR6tVD6B617EBuNLKiw3zLyNCR9_8yncRETWYZlViqGaZJNL8hPER81ZM27kxEJQ5ryub3kNraq3QyDxlFj3zOXS0w7BP_xkM1h9IPqVuKwx5_6kJJGelt-GyULjbz6gdR96L6YnXAP1f2Z_Wb12GmJBnMbUCVmy6MLC1ZjVyc_vYB9oCLmrntu1mUQbcWN7Olshy3E8V8lG45frMXMRFr9MiAqLXzA1Jp55UlOMj1HYfNvRXJPht8UdKv1XP91QsQodAgX7cqQvU9hnSkE7igb-Yn_IyqTF6Yf4TnXFkVLWWgwgqo8kNRnK1K9TdTGBFFrGDFCy94EziorFcYGpKTuXj6WMQ3jw8X1wKxtx70zr7lsnIiXaxVQbE8jHRuoePkw-KG65MktcTKHTDtixMTId0G3-fUSlgVZCa4RAgeQhLQ3qcNWsXEHvmRXX8Kyddrtf2IA4z4XI6I0_dDjSrUOcSRDo512Lrn3qiHeQoRXHfzl_YwEE7O8aCdAbN0Hn5dN-uOFKC5bHdWJQCJFDcjIIGgefhpEtBGEWyn5-OgQKQ0EcSQQdo_uzGNj47SOhZp1qnOZEkK67oKaEiBYZUFKPYkLSg9ArSvXcf5ylxGCMGWiYA6PH87tQj3O3iturLp8uGD4xjObYbi-8UBXlwWrYrBLl5DSQo7WI82wDEaU43uuGCjDryO9jmieg8ich4PLmDw1ZFbfC3fr7fs8UUx9Ns0jXrVv7jyEjL0wYISly7jgPV2ZOIYC6j-_2l6mprwsBpEZRQzh44wvIczT_CEy5Uk3LisQX_erkNv96uJgIZWBPrUMxG5FoA48jNvNdztfiRI2STrX9QlCl5vRF8iPX8VJ0PGuQSS_el3euzCAcEUgxX_lfF5QS9tqNu-AWGepxGY2cvnqgV3McxLady4gfBbI9iH8etNdPndN8KOtpNrgiKzIsGIrfqOLH-NeEbmgi9yvG61HofWoXeYaHNXixPa8q2aWx0Sdda5nKTeDfH3eAepqNpu7w9ioYL1H5ofjkwN6CCztt8vO4K63iEJYtbIMc43NAbkgJAhjtTRjO3tOdzmkeGPaz2PyXr_xEkP7pjZCmzSob6tBiKIe6BBNYIBDPqPKBxU3YUKuzcNJVaL0CtWViL3s8HsH-WkADRmJH5FuPR3KgazDVPndZQXq93mmt26QzaLs8f6UmhkOYrgs48NQPAurGpH9HX12lNyX1bVX78J0X5lVmtFyMobUIcvIvRpDgATdnwMhZ9b3k_rbQHko9PGfC93CK__2P8_T_27WuN9l2ALDZ2p-qlCzGVga85nWo26b6nsHHrZ9Noh5d3u2DBeyHtKDpU7Z0sRLQ211h7ceUPPwl0uPQWOdd_ShOJWv2ZKpCDN3LqLWgYFzW5-_OyfW12zOTCr-pzRpPSkgz6g-mt83HekyPXrT1QT1Wgq6zlmemWO2AbBs9jJ0EteVYrruvz0dBtnq4N7eXef7c4VSNunsX5ShKyVBLSYXG9rX0Rhbco-p2SllxqF-eeSYDKo7EiI6WW4qQsmnf3c4SvBSZxObgzOQ0L6JPFUgGmkAOUtKt-oP4-saH2potiABQFOiTXN-I3ILLYUDJr7zfSYJAypDY3JqfroqF4D7OaVogL04tUEHQaiNjGtCOIJ5AyqKSfIThFdQskR40u9s8T6peDb-u8yZUUu6H-MMQ-aEMejstGa3WJadJvRHqFsnKwJOl3o4S1JEgLbZeorWJtVbyRRq1rRPviJy2QkCkBXd6Z4Kl-eRHc4auBPqTq2KwX0A0FGeRqzChv4OSp0c7qIhGVQQQltKpGAYf4JMaQr7QqkbOEiIU3cnnVbr_2-WHIw5Iief2LFTv6pgxYBzGrte-6XEgtKILfkISHAVpnBMblBa10OH1Ccvl59QZHUo4PN1rvzAR_G6B3ecmJD_ukg4fY_iPsJggGlnZOliNH9crXuhBtjm_8-FrA7brJoO_hWUF7Uh9HYOVhonh5iCHj_gpGEtDrEjWF_OIgwLuxdrIFx4wiFhERO2uI5II6gJYqU2us1EMBl_UNJLzYgPvlaoVZ26uLEYZPn24dtDeQhoFWh_j_mheggW9mBBZKSYHuhsI9syzy97iyLftElFLH9mS3q9PW4C81I2rq9nP4j2PXqdwqKlcARkv2fq5CMqpxBchafqRhXThNDQH6jtOQhWycQuI59STK0En9ZIUftV2KdOQFZ9Jqyy_dhYFBIYJeA4U2sMFFi-TXyS6BxYWeXcAD5q8BfkqOM23xnvqrSLMLUq_WoSNQSQd3wC2Ghb74F911nAQGz4GXHJAt32o2snFJ-PqagedZ7eFqVVYFiB1_0cM9AWheJlVk4PFVV5R3aLUw0YAFj8_7qJ9sE7LVZG_CCRH6FCycgFgsBblaB-JF6pbVauYMUBpZ0MfDyCbL2zawW1Bzijpcd9Fcdr2qMR3RsSpMRB8aKNeFurXncYHq5-gRPLADJLMjhtyQPrpZgvCRGDybKJxuFjLQO8xrZthqzHMXpVpmTZTBRU-c-sL1lcsXBagIXQIypHbQvrXk7PPZOHNfcnyfj0cuAwe19I6E_mRh5ZgaNH3UMZdwIBi_I-LdorK9PenLXgL0B5T9KFaESer8gYQtqQY2q37auue1bJkp6UZIF6QEn7yDqi4-yRLA0nCVPLdJ0QFXElCGb6IfzxUhDU5toiG8akFNODrA1iQWQnLWNHqUDEhc0aSSPLpdTjyaM0M2EGRC9VMPJlPuTOi6OLVRN5w6nzkVW6IkYyCUWhgCCQIk9yv90tjYbnJKQAqf7RqSeBy_YGsgUfr21M3u5gjLs7wZewF0WSLQCuGGa_OJ6rDHlB76IihRA3qfN0LiwR2Fby7W-NrJfh55OIC9GPLwBsa5LIvqhzjA5CBxwvMw1dpR0YMpmQd9FDkMI1S1zrpY9AylIx-Eyf_gNTIDyRNsMr6Ia5ed15NDv5YSzCjyz8gY5Yxu5G1ccb1HSW071cClkqm9t8AHdki0oMyGdseL0lm5S0wGUvSrc1ScyUfM9Av3Te28cCel-4XC1wLBwFUdhxXSCmYKb-s-2nnnjqD8VxITKMNYAKtu7RML4JSRLPGOJZr-7FaMx-BiKQROp3vfW5O0S1rl7pJCltDSo_FzDJIWyNedDiRjAhP8y9JRelYhJUVpkfFQY-uKV5KUsLCvmqLmSya5EMB4wX7Gl8MzVULqNF2TJIKq4Djl736lb10hvQqAbQEJwW6z7eR3zJNHU8x4zBfoBIUidwtISPtzcSlrii1QRxGAA-ZAkAUr5QAz6_9451ykJhzHzZOq_kDu43OrZW6kW5k0MHjE1f2wC90acehJwejTx-6JXuArJ7GkuvNFxLGgPX-oT5Dd7KReiZ2tLI-oBbQGjNGgi_D68YbsGVICgcPzMHfG1sbpQoozNSLgvZ8MU0cMRJEa3ExsSnhAPMhffNEEKg-lSRKcurPebF-EBBTBX8Cd1xT5ijmQCNxXF6SQndyRnYtqZU2mhr4rPiQ82hXRJdK3WmQdYhjSkKA-MhzyRJY9YOAlbXAITnEtftbtaVkfRGVhxBG2gCXXh2kgMhgtQTIBrpUoCZ4LB4qBdTz7LbVJ7bjwuy8ayBjy7_qDzdIBOu3X8CrGmiosEVPm2fGBCarYuoZpKIB7N60Vk6ViFLgZjaVBIKtHCntCQaWPjTuqakBdOI1eMywGwk_cptg6lEkOTg6A7-vTkpCluLq-Vig_n6zDMS-JxKNKCZHqGotiFyFG3Hrx5qimzTVruPKDRmveZhTBBqeblsK09G6AsLa3dDsoU9cuI-IXmLp5SHv5-Da02-TYxmMtPF6KSxGJgInwfNdU66kdSFqalDEXsW40OOihFuOZa5c71Qh8qy7D3Ba3fY8wsoHMreU&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.getit01.com%2F&ds=l&xdt=1&iif=1&cor=592067139324122000&adk=521587873&idt=161&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a6d536534392fafad965c35040ae68d838672597111613a5457c7e5ce82bde3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38864
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 76B8 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
101983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 12:51:06 GMT
csi
csi.gstatic.com/ Frame 8629 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq2lmomn&c=7912811281826&slotId=3956405640913&qqid=COWn8o2yioMDFR-3fwQdu_UBxA&fb=outstream-lima&sei=44752538%2C44807615%2C45401791%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8629 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:53:59 GMT
x-content-type-options
nosniff
age
29810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:53:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8629 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options
nosniff
age
85366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:28:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8629 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C7AgzGJR4ZeW7BZ_u_tMPu-uHoAzg2JnNc7vjxfzwEbCQwf3qQBABIKuLqWBgleKQgqAHoAHV_dbDKcgBBakCcVT8x7Absj6oAwHIA5sEqgSYAk_QOWqxXnVsSaa-gapk1uIwJJ9YdRt-1s5PkQPtKRYvDtnznn6zMWGP6BMKge_J-fa2jibjsvSX2X1XNIV52QwXlbsdrOm9QTDAEq-4Ix_I0n9R1DEri2zwB9vTYSLdpemcZmFiE0ilJNPgFTue5mb6VUM2O6tp79WlcJRaA6GTJxdRyDG4wTfzHUrqmbNap_xGAT59lkkpS2nF4z0Owz8tuuLW7m4F9LVA3bJ5aOOMMkNTjZwbXJCBcO_1SKM0tmMKfc9tukg14LBb9noEdFb7FWJzuu1nGgsNASx5lC5wNYc2aln-i7eXTygbYEIRB3J_o8M9UIh8285IxWUf7M8qxdZPj2Bk7TLBmgCh5vDCZ05_bQgL5ujABKCo14zCBOAEA4gFs5Sf_EyQBgGgBk6AB9W1p6MEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9uPtjbKKgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATwOigFdgTCogUBNgUAdAVAfgWAYAXAegXBLIYAyIBAA&eventType=clickstring&clientTime=1702401049398&ai=C7AgzGJR4ZeW7BZ_u_tMPu-uHoAzg2JnNc7vjxfzwEbCQwf3qQBABIKuLqWBgleKQgqAHoAHV_dbDKcgBBakCcVT8x7Absj6oAwHIA5sEqgSYAk_QOWqxXnVsSaa-gapk1uIwJJ9YdRt-1s5PkQPtKRYvDtnznn6zMWGP6BMKge_J-fa2jibjsvSX2X1XNIV52QwXlbsdrOm9QTDAEq-4Ix_I0n9R1DEri2zwB9vTYSLdpemcZmFiE0ilJNPgFTue5mb6VUM2O6tp79WlcJRaA6GTJxdRyDG4wTfzHUrqmbNap_xGAT59lkkpS2nF4z0Owz8tuuLW7m4F9LVA3bJ5aOOMMkNTjZwbXJCBcO_1SKM0tmMKfc9tukg14LBb9noEdFb7FWJzuu1nGgsNASx5lC5wNYc2aln-i7eXTygbYEIRB3J_o8M9UIh8285IxWUf7M8qxdZPj2Bk7TLBmgCh5vDCZ05_bQgL5ujABKCo14zCBOAEA4gFs5Sf_EyQBgGgBk6AB9W1p6MEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9uPtjbKKgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATwOigFdgTCogUBNgUAdAVAfgWAYAXAegXBLIYAyIBAA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8629 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq2lmomu&c=7912811281826&slotId=3956405640913&qqid=COWn8o2yioMDFR-3fwQdu_UBxA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.144&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 8629 		30 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CYTpHlDThaQaxoL4KarFh4h92CLDUAcY-qxORYEYpcQWP7Ee3Efvq8Ga1HoMBZiDg8bwgXwRvhopTVGWlUN8h93dBTTg&cry=1&dbm_d=AKAmf-CGFp8PE7aTY0PQuYm3x9vJJjm6Dtp7VIl_CgtsOqJoAiLBUnRBNtxCZ9fJ0-w3KpyDQl_6zryd-OoT0EVAMmiTbdhl-3kGXq4HB4XONP3bj1QMozJaSHd3zTkGgm-jy4GxBnrg_gacuO4GAi_it9vOSM9DVZphFasw6odwS5SlWcVHJOO8xEpP76sCmnJV-Hej3BLU3NKbYXTH8eLplYKIDNMWMGiFXc_ZNvc2RJcy2dPV7BWk96zbF5kwr_isXuT7gjuWqbYlJq7LXqELBz4h62ZMtttn4-6fh5d7mtzEwmNfY6ioMs8J-nNjMzToIYYFTRVIS7xK9PtdOjC2MqQzahGZUBfxY9uB0VMdVS_TCbzFP_gpRkPxJuEoYAZX0tifkPxCZ4cRmM9QVeXBEZ16GR0xcjwSwmItJkeKOnm8YjLIJMB7htbFu6z1WACLPZv46luoAf6lMiDLPfc_SKx-DcXpQ1iowqZhkiI6yAfk_sjYDGkwDDYwDrRuqYJKDtHmgFcyCToeR4vw0wq-o7O3HwD_kga_tB3aL5ONBrj26Jw3HJ9xK0hpJwpQHSGk-9ZfcQg404ncHAeg92B3AeMBL-yQYpvOiuQy1rULAbQoYnL71WG3cRXYcZOYGBjYSsEAYvWJ09_RUyYGsE9mlJJFU_pIjqUdbWsuLa35JIzjMYXL-geEg5HuV2xJA8lnlzG1JwRJ0wUuHXvGJMD2p5TbkNK6xK1siXDBRnUnEy7X1olcaTdlgaT8GlaKWRKMUylqDI4d7QVvJgGtdDFlJYBSx2yFHvkd-4C7-Z0TPuIzeyHaIaL6I6Ky8Dcy6JOT_mWYXdr1XowPhm2QDhQ0Y9_3rOJ06MoI0-UgKw9P1vy_v8p5kRvfTQprbBMBYIbaeb4vPy42e5Y-DFZE-bytYuU457EaJNGIs2yRPlGvj6F6mecSv7olmQec5lu8lWXryffcWeezirdfKkEGhNs7nerPcmtQ2CN0xq8eA-WV9Lc-TO5AuFP5m5f1vw5QoORqXBaNuvuKydDiFFq_6aBid0qffXZ6oxKUG0Te5MBpYTT_K3jZNNOrvdQKICAClNhPyn_luOXuv6Ojb3y4Y3cavX3yRqc90LL3T_-Rgh2deymwbjRwM6qmPQvHSLzSd0b5R1Xhbk40df2MYyCwoyrzMS3kT7LTC4LYznH4GuDLLpl1FSQcdcO3AiPDnuVqe6-2Guc1xX93gRyqWpGnORVCLyJzYmlQZbbKJyLWBkExu_yYnT3eRmcMy9zKAhfZcQop7BowUo14iG4CGOi8FTgLrOdE_b6ytKBFxg5rUgYs-430U_kjJ7ELU70KaDNSm53k1aBR5i112PR3U21fbl9n0FRKtAiBiJ6TOa2EH5c9nIhiV5TOgrBwT9_ecGQogZxOvrzraMRsHN3ocUDbOZoq_byp6Mmvx7idpQrLytvrmv0Rb5C9lt1TNpdJs90hsEMkNCt3MO_PRgMcp8aTvn3TN5_oikQEvhoXsJLuTVq8U0Dw1xzE5VLC_bp9x1flKvvEWgGiKT547RzlVHWhdvs4IVh1Zo57HdVIyHa5EsRGGRCgraNbtKm2q18bDShYtWPYUWT9MzNaSp2IW4xXUJ1uHJn3LB8XpaQWHKZOvtXvTA-YfKeyNfYdLA6b2Lb3c1fB3E-Pb2dvDEef5LId5GIlIzOz3U_CCXvSUmAzuuhs8CfKmBtHm8t32Q4P9EPoA_1WOjzCT0FXUUnxb-AeTVnKN_zzeCt9EWAtObDn9Xs1dAu1pIubmfgKRYtA5Lby7LO4VDKLBQEDKgkGkYJTnLz-9SQ_u3BjEAYZGQ_kNoDhgWWrN5LRXtoVd2Hf2jckWdDKQ1nLrVQhtcFUD7Qa-ilkuKwJX3O4LLQVdIekkEIRds1aGg8RN0GboZHf4rS4DuzdtICZ_hb5SWTflXtNfqPHWC2Ojpy3rSKLlr_a2ZsghqqC4e_ph1WFdZHNIurlQm0sEggPGt6acZde6iSWJqpd-x4AIWfGkFVLreq64bm0GJM8GhNz_61iAYnFPmqq32smcxj60iOazUdiltmdA8EOv-KSzJoMXbwNHKotOQ2GX_ev-TypVD8DCIRk_HDo55FZzeUxqoPbod5yzOq0CZW5PVf-OkQLrIjuw6lET0TrUFWCA17fpY4aY-DzX6N0wAhVLGBGzJID9b0qJmAq2LcoHSEeU6aERirrKRk7w8tMxV0v6CZS1rU3JIBFLRF4bBB7NBO1CQueGR27uRMIY1xVzccNZL5YV5bSoxx-S4X5J64VF_bmqtWi4fCoofY387BHIUvPs4m9ayGPAjhhweK45h5jB8KCGVFZYrLW5aKiMeIBC8kcf9OAqb1JH9icd7oPWO-9LoSfafI5rmed0L7JcEKZoznLFsPT11u8XTkdtfILyB5ynWWofip8hB2Lp6mnGADjrmuXMHZPc244TFNkUTYvds3LCrQFIWJZhY5ceHcOMQQmKYb39neRfsqa5SNSdLtwGABl4uUDklsHnB5VYBhb1E6SW4zEr0nkJM0ROboRlRLHhgU_mQnmkZysQOSlrPAu75vUoQ2wnYmcsSJmg7p7bay54OPEEXOElhFmizEBwink12MvGFiAlpxHBBOU8wVd_L0sjBzDDruaQwkS_IPQvd-OuY3O-kFy27hNhLRw5OUiAgKh8G7QEt0vVXNawmNqSeyCNSpb293bOYJe8xrpwixtV7yOLwa_5A8GHwuMG1moSkTr2twcQlyv-dcUhgXnagBgz68iLGKzBBJediw1voGg_oZwPRHTglCwC3e9bMkO6ax6cXTfkKVwBxDhtBxO4I5gmP3qzOB6QquOO5kUDmNTXdgSYtovfFJlZm-vSlcwd-nSyObEi1lv2uBCvTvcxHaQ8KLSTU2DFwfAj6paiUh0yzxCCY5wwhN1Cu41UkHhJDMB7f3KwPYd6HIicPb4lM6Whm0Pm8YjCzfzvE69bufmRu6Gm5tN3Xep0P1G6N6ifdmh4HHomQU4-8dnESn82hGNHb_oRt_Er8kB0HTMXn523HovlxAfBsLn1Tc-KVBj8789rBAUhor65PlrdhmeZldADhDLDKBfjRdqyb-bG85tyOdHNj0R-p4KlaRqjxdPjv3dLgJ6C67eCSYB_E70nkI58IONpCGMy69Y4Y87P6zp0ri_LXYLChgUj4A8E6rvde0Buc-6gmjXm56wgFbNlHsc0mz1Rzi3xFvXaLonhhf_V62pgVNRWnN17yuP3c68Db0DgBbqkt5b2zGpebcQnlfcMAFk6t8kqG498ZVrVruFSI6-gqLKbPua6_3ZAs1SFGFNuwkGezmL-bGv_kY_pdm0zAQnwxk9MY-O3i4oFwBiD2QA4h8HLEamqDkRHbYTlYyz73doyf6NwYMgBLi7U0F2_0yxh8v1YI1mfWlDghZPHaMv2_QoqjdxaIGOUqjBhbCYBllHLKT3yot4MmNx99-TkkX7UvEl2-JN9PddUemx-vQxuIKydmwRLJ3ClveChMMdsfuAvUXm5SCIvQ3rWnOv2tkSOkuHMXa-nnyPqnC6sG9BFpYU4dnVQkKWUZtkzSh8-a_Gg38kXTFgJSJgv9Dx03dEYDlfm8XUvqtBVgYSJQ&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f154.1e100.net
Software
cafe /
Resource Hash
299961cc5f6b7f2390391a8b8118cdab793ce4a0775206f55985eeab5e436d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17547
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8629 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b25ebc9b5c763bf472383d5926ae7e991b5868523f4ed774cf92c921627efc53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 8629 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcRPtGJR4ZeW7BZ_u_tMPu-uHoAzg2JnNc7vjxfzwEbCQwf3qQBABIKuLqWBgleKQgqAHoAHV_dbDKcgBBakCcVT8x7Absj6oAwGqBJUCT9A5arFedWxJpr6BqmTW4jAkn1h1G37Wzk-RA-0pFi8O2fOefrMxYY_oEwqB78n59raOJuOy9JfZfVc0hXnZDBeVux2s6b1BMMASr7gjH8jSf1HUMSuLbPAH29NhIt2l6ZxmYWITSKUk0-AVO57mZvpVQzY7q2nv1aVwlFoDoZMnF1HIMbjBN_MdSuqZs1qn_EYBPn2WSSlLacXjPQ7DPy264tbubgX0tUDdsnlo44wyQ1ONnBtckIFw7_VIozS2Ywp9z226SDXgsFv2egR0VqMU-IYpfyGI29PCC7ZXYqnmteu5CnNx-hqdHj9q4RsuaqcLIXDdUOn14FB8mtTeEttO-GOXso82FQ6h6kfN0furmmaiq8AEoKjXjMIE4AQDiAWzlJ_8TJIFBggbEAMYA5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH1bWnowSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD16RYYiLPR-gHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPbj7Y2yioMDgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECsBPA6KAVyBOd797jA9gTCogUBNgUAdAVAYAXAbIXHAoaCAASFHB1Yi0xNzc2MjI0NzgwNTY2NTkyGADoFwSyGAMiAQA&sigh=TvlYEZUAPuQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 8629 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq2lmon4&c=7912811281826&slotId=3956405640913&qqid=COWn8o2yioMDFR-3fwQdu_UBxA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8629 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333671
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:29:38 GMT
file.mp4
r1---sn-5hneknee.c.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8629
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-5hneknee.c.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5hneknee.c.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C9B93BEFF672281547A6B3CF8A5F51EF67E75CA.815ECCB033C03452E1E59406AB08AAC3F0E4A307/key/cms1/cms_redirect/yes/mh/V3/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hneknee/ms/onc/mt/1702400692/mv/m/mvi/1/pl/48/file/file.mp4
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
HTTP/1.1
Server
2a00:1450:400e:8::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:10:49 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7344995
Last-Modified
Sat, 14 Oct 2023 15:24:42 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 12 Dec 2023 17:10:49 GMT

Redirect headers

date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-5hneknee.c.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C9B93BEFF672281547A6B3CF8A5F51EF67E75CA.815ECCB033C03452E1E59406AB08AAC3F0E4A307/key/cms1/cms_redirect/yes/mh/V3/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hneknee/ms/onc/mt/1702400692/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8629 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq2lmoq8&c=7912811281826&slotId=3956405640913&qqid=COWn8o2yioMDFR-3fwQdu_UBxA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3711&mt=video%2Fmp4&vs=1024x1024&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.17b~videopreviewvisible.17g&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame A63E 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
101983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 12:51:06 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1BA2 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 20:46:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 1BA2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-OTpdNML8PaalkYisXN8ojT7LJfN7XUou7hH0YHEnDYESf4DGpV8-51zRVuFzNAUYxP9lQ2qKbmPtq5pZhpgOqLTT2SptU1iOib27h1aGCMulryOIYhQvWlRJPRwK76TMdPfRCpjvApjkVcpJ0UtikHWK7zb7OLKvR72gGA5XfGjdfUxC_Mklgm1-PUH2vCpQrzpE&cry=1&dbm_d=AKAmf-Bdc1o-HRpshCthOgThoFRFRU04-FxKJiIuJsnVGGccH21EueKwyZnV9K7KqdaDssbd7U2a0dUufl6iV9bGb-q831YoC2xSz4JoESX62866-AQzQ0anj4UiKZLXOKVXFrDJQInG4XiNUmcK-gDDNpL8YhzvzXIbVQHuQdQKNClRNffL2993Q4I9oRIjg52uR6tVD6B617EBuNLKiw3zLyNCR9_8yncRETWYZlViqGaZJNL8hPER81ZM27kxEJQ5ryub3kNraq3QyDxlFj3zOXS0w7BP_xkM1h9IPqVuKwx5_6kJJGelt-GyULjbz6gdR96L6YnXAP1f2Z_Wb12GmJBnMbUCVmy6MLC1ZjVyc_vYB9oCLmrntu1mUQbcWN7Olshy3E8V8lG45frMXMRFr9MiAqLXzA1Jp55UlOMj1HYfNvRXJPht8UdKv1XP91QsQodAgX7cqQvU9hnSkE7igb-Yn_IyqTF6Yf4TnXFkVLWWgwgqo8kNRnK1K9TdTGBFFrGDFCy94EziorFcYGpKTuXj6WMQ3jw8X1wKxtx70zr7lsnIiXaxVQbE8jHRuoePkw-KG65MktcTKHTDtixMTId0G3-fUSlgVZCa4RAgeQhLQ3qcNWsXEHvmRXX8Kyddrtf2IA4z4XI6I0_dDjSrUOcSRDo512Lrn3qiHeQoRXHfzl_YwEE7O8aCdAbN0Hn5dN-uOFKC5bHdWJQCJFDcjIIGgefhpEtBGEWyn5-OgQKQ0EcSQQdo_uzGNj47SOhZp1qnOZEkK67oKaEiBYZUFKPYkLSg9ArSvXcf5ylxGCMGWiYA6PH87tQj3O3iturLp8uGD4xjObYbi-8UBXlwWrYrBLl5DSQo7WI82wDEaU43uuGCjDryO9jmieg8ich4PLmDw1ZFbfC3fr7fs8UUx9Ns0jXrVv7jyEjL0wYISly7jgPV2ZOIYC6j-_2l6mprwsBpEZRQzh44wvIczT_CEy5Uk3LisQX_erkNv96uJgIZWBPrUMxG5FoA48jNvNdztfiRI2STrX9QlCl5vRF8iPX8VJ0PGuQSS_el3euzCAcEUgxX_lfF5QS9tqNu-AWGepxGY2cvnqgV3McxLady4gfBbI9iH8etNdPndN8KOtpNrgiKzIsGIrfqOLH-NeEbmgi9yvG61HofWoXeYaHNXixPa8q2aWx0Sdda5nKTeDfH3eAepqNpu7w9ioYL1H5ofjkwN6CCztt8vO4K63iEJYtbIMc43NAbkgJAhjtTRjO3tOdzmkeGPaz2PyXr_xEkP7pjZCmzSob6tBiKIe6BBNYIBDPqPKBxU3YUKuzcNJVaL0CtWViL3s8HsH-WkADRmJH5FuPR3KgazDVPndZQXq93mmt26QzaLs8f6UmhkOYrgs48NQPAurGpH9HX12lNyX1bVX78J0X5lVmtFyMobUIcvIvRpDgATdnwMhZ9b3k_rbQHko9PGfC93CK__2P8_T_27WuN9l2ALDZ2p-qlCzGVga85nWo26b6nsHHrZ9Noh5d3u2DBeyHtKDpU7Z0sRLQ211h7ceUPPwl0uPQWOdd_ShOJWv2ZKpCDN3LqLWgYFzW5-_OyfW12zOTCr-pzRpPSkgz6g-mt83HekyPXrT1QT1Wgq6zlmemWO2AbBs9jJ0EteVYrruvz0dBtnq4N7eXef7c4VSNunsX5ShKyVBLSYXG9rX0Rhbco-p2SllxqF-eeSYDKo7EiI6WW4qQsmnf3c4SvBSZxObgzOQ0L6JPFUgGmkAOUtKt-oP4-saH2potiABQFOiTXN-I3ILLYUDJr7zfSYJAypDY3JqfroqF4D7OaVogL04tUEHQaiNjGtCOIJ5AyqKSfIThFdQskR40u9s8T6peDb-u8yZUUu6H-MMQ-aEMejstGa3WJadJvRHqFsnKwJOl3o4S1JEgLbZeorWJtVbyRRq1rRPviJy2QkCkBXd6Z4Kl-eRHc4auBPqTq2KwX0A0FGeRqzChv4OSp0c7qIhGVQQQltKpGAYf4JMaQr7QqkbOEiIU3cnnVbr_2-WHIw5Iief2LFTv6pgxYBzGrte-6XEgtKILfkISHAVpnBMblBa10OH1Ccvl59QZHUo4PN1rvzAR_G6B3ecmJD_ukg4fY_iPsJggGlnZOliNH9crXuhBtjm_8-FrA7brJoO_hWUF7Uh9HYOVhonh5iCHj_gpGEtDrEjWF_OIgwLuxdrIFx4wiFhERO2uI5II6gJYqU2us1EMBl_UNJLzYgPvlaoVZ26uLEYZPn24dtDeQhoFWh_j_mheggW9mBBZKSYHuhsI9syzy97iyLftElFLH9mS3q9PW4C81I2rq9nP4j2PXqdwqKlcARkv2fq5CMqpxBchafqRhXThNDQH6jtOQhWycQuI59STK0En9ZIUftV2KdOQFZ9Jqyy_dhYFBIYJeA4U2sMFFi-TXyS6BxYWeXcAD5q8BfkqOM23xnvqrSLMLUq_WoSNQSQd3wC2Ghb74F911nAQGz4GXHJAt32o2snFJ-PqagedZ7eFqVVYFiB1_0cM9AWheJlVk4PFVV5R3aLUw0YAFj8_7qJ9sE7LVZG_CCRH6FCycgFgsBblaB-JF6pbVauYMUBpZ0MfDyCbL2zawW1Bzijpcd9Fcdr2qMR3RsSpMRB8aKNeFurXncYHq5-gRPLADJLMjhtyQPrpZgvCRGDybKJxuFjLQO8xrZthqzHMXpVpmTZTBRU-c-sL1lcsXBagIXQIypHbQvrXk7PPZOHNfcnyfj0cuAwe19I6E_mRh5ZgaNH3UMZdwIBi_I-LdorK9PenLXgL0B5T9KFaESer8gYQtqQY2q37auue1bJkp6UZIF6QEn7yDqi4-yRLA0nCVPLdJ0QFXElCGb6IfzxUhDU5toiG8akFNODrA1iQWQnLWNHqUDEhc0aSSPLpdTjyaM0M2EGRC9VMPJlPuTOi6OLVRN5w6nzkVW6IkYyCUWhgCCQIk9yv90tjYbnJKQAqf7RqSeBy_YGsgUfr21M3u5gjLs7wZewF0WSLQCuGGa_OJ6rDHlB76IihRA3qfN0LiwR2Fby7W-NrJfh55OIC9GPLwBsa5LIvqhzjA5CBxwvMw1dpR0YMpmQd9FDkMI1S1zrpY9AylIx-Eyf_gNTIDyRNsMr6Ia5ed15NDv5YSzCjyz8gY5Yxu5G1ccb1HSW071cClkqm9t8AHdki0oMyGdseL0lm5S0wGUvSrc1ScyUfM9Av3Te28cCel-4XC1wLBwFUdhxXSCmYKb-s-2nnnjqD8VxITKMNYAKtu7RML4JSRLPGOJZr-7FaMx-BiKQROp3vfW5O0S1rl7pJCltDSo_FzDJIWyNedDiRjAhP8y9JRelYhJUVpkfFQY-uKV5KUsLCvmqLmSya5EMB4wX7Gl8MzVULqNF2TJIKq4Djl736lb10hvQqAbQEJwW6z7eR3zJNHU8x4zBfoBIUidwtISPtzcSlrii1QRxGAA-ZAkAUr5QAz6_9451ykJhzHzZOq_kDu43OrZW6kW5k0MHjE1f2wC90acehJwejTx-6JXuArJ7GkuvNFxLGgPX-oT5Dd7KReiZ2tLI-oBbQGjNGgi_D68YbsGVICgcPzMHfG1sbpQoozNSLgvZ8MU0cMRJEa3ExsSnhAPMhffNEEKg-lSRKcurPebF-EBBTBX8Cd1xT5ijmQCNxXF6SQndyRnYtqZU2mhr4rPiQ82hXRJdK3WmQdYhjSkKA-MhzyRJY9YOAlbXAITnEtftbtaVkfRGVhxBG2gCXXh2kgMhgtQTIBrpUoCZ4LB4qBdTz7LbVJ7bjwuy8ayBjy7_qDzdIBOu3X8CrGmiosEVPm2fGBCarYuoZpKIB7N60Vk6ViFLgZjaVBIKtHCntCQaWPjTuqakBdOI1eMywGwk_cptg6lEkOTg6A7-vTkpCluLq-Vig_n6zDMS-JxKNKCZHqGotiFyFG3Hrx5qimzTVruPKDRmveZhTBBqeblsK09G6AsLa3dDsoU9cuI-IXmLp5SHv5-Da02-TYxmMtPF6KSxGJgInwfNdU66kdSFqalDEXsW40OOihFuOZa5c71Qh8qy7D3Ba3fY8wsoHMreU&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.getit01.com%2F&ds=l&xdt=1&iif=1&cor=592067139324122000&adk=521587873&idt=161&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
54771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:57:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1BA2 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-OTpdNML8PaalkYisXN8ojT7LJfN7XUou7hH0YHEnDYESf4DGpV8-51zRVuFzNAUYxP9lQ2qKbmPtq5pZhpgOqLTT2SptU1iOib27h1aGCMulryOIYhQvWlRJPRwK76TMdPfRCpjvApjkVcpJ0UtikHWK7zb7OLKvR72gGA5XfGjdfUxC_Mklgm1-PUH2vCpQrzpE&cry=1&dbm_d=AKAmf-Bdc1o-HRpshCthOgThoFRFRU04-FxKJiIuJsnVGGccH21EueKwyZnV9K7KqdaDssbd7U2a0dUufl6iV9bGb-q831YoC2xSz4JoESX62866-AQzQ0anj4UiKZLXOKVXFrDJQInG4XiNUmcK-gDDNpL8YhzvzXIbVQHuQdQKNClRNffL2993Q4I9oRIjg52uR6tVD6B617EBuNLKiw3zLyNCR9_8yncRETWYZlViqGaZJNL8hPER81ZM27kxEJQ5ryub3kNraq3QyDxlFj3zOXS0w7BP_xkM1h9IPqVuKwx5_6kJJGelt-GyULjbz6gdR96L6YnXAP1f2Z_Wb12GmJBnMbUCVmy6MLC1ZjVyc_vYB9oCLmrntu1mUQbcWN7Olshy3E8V8lG45frMXMRFr9MiAqLXzA1Jp55UlOMj1HYfNvRXJPht8UdKv1XP91QsQodAgX7cqQvU9hnSkE7igb-Yn_IyqTF6Yf4TnXFkVLWWgwgqo8kNRnK1K9TdTGBFFrGDFCy94EziorFcYGpKTuXj6WMQ3jw8X1wKxtx70zr7lsnIiXaxVQbE8jHRuoePkw-KG65MktcTKHTDtixMTId0G3-fUSlgVZCa4RAgeQhLQ3qcNWsXEHvmRXX8Kyddrtf2IA4z4XI6I0_dDjSrUOcSRDo512Lrn3qiHeQoRXHfzl_YwEE7O8aCdAbN0Hn5dN-uOFKC5bHdWJQCJFDcjIIGgefhpEtBGEWyn5-OgQKQ0EcSQQdo_uzGNj47SOhZp1qnOZEkK67oKaEiBYZUFKPYkLSg9ArSvXcf5ylxGCMGWiYA6PH87tQj3O3iturLp8uGD4xjObYbi-8UBXlwWrYrBLl5DSQo7WI82wDEaU43uuGCjDryO9jmieg8ich4PLmDw1ZFbfC3fr7fs8UUx9Ns0jXrVv7jyEjL0wYISly7jgPV2ZOIYC6j-_2l6mprwsBpEZRQzh44wvIczT_CEy5Uk3LisQX_erkNv96uJgIZWBPrUMxG5FoA48jNvNdztfiRI2STrX9QlCl5vRF8iPX8VJ0PGuQSS_el3euzCAcEUgxX_lfF5QS9tqNu-AWGepxGY2cvnqgV3McxLady4gfBbI9iH8etNdPndN8KOtpNrgiKzIsGIrfqOLH-NeEbmgi9yvG61HofWoXeYaHNXixPa8q2aWx0Sdda5nKTeDfH3eAepqNpu7w9ioYL1H5ofjkwN6CCztt8vO4K63iEJYtbIMc43NAbkgJAhjtTRjO3tOdzmkeGPaz2PyXr_xEkP7pjZCmzSob6tBiKIe6BBNYIBDPqPKBxU3YUKuzcNJVaL0CtWViL3s8HsH-WkADRmJH5FuPR3KgazDVPndZQXq93mmt26QzaLs8f6UmhkOYrgs48NQPAurGpH9HX12lNyX1bVX78J0X5lVmtFyMobUIcvIvRpDgATdnwMhZ9b3k_rbQHko9PGfC93CK__2P8_T_27WuN9l2ALDZ2p-qlCzGVga85nWo26b6nsHHrZ9Noh5d3u2DBeyHtKDpU7Z0sRLQ211h7ceUPPwl0uPQWOdd_ShOJWv2ZKpCDN3LqLWgYFzW5-_OyfW12zOTCr-pzRpPSkgz6g-mt83HekyPXrT1QT1Wgq6zlmemWO2AbBs9jJ0EteVYrruvz0dBtnq4N7eXef7c4VSNunsX5ShKyVBLSYXG9rX0Rhbco-p2SllxqF-eeSYDKo7EiI6WW4qQsmnf3c4SvBSZxObgzOQ0L6JPFUgGmkAOUtKt-oP4-saH2potiABQFOiTXN-I3ILLYUDJr7zfSYJAypDY3JqfroqF4D7OaVogL04tUEHQaiNjGtCOIJ5AyqKSfIThFdQskR40u9s8T6peDb-u8yZUUu6H-MMQ-aEMejstGa3WJadJvRHqFsnKwJOl3o4S1JEgLbZeorWJtVbyRRq1rRPviJy2QkCkBXd6Z4Kl-eRHc4auBPqTq2KwX0A0FGeRqzChv4OSp0c7qIhGVQQQltKpGAYf4JMaQr7QqkbOEiIU3cnnVbr_2-WHIw5Iief2LFTv6pgxYBzGrte-6XEgtKILfkISHAVpnBMblBa10OH1Ccvl59QZHUo4PN1rvzAR_G6B3ecmJD_ukg4fY_iPsJggGlnZOliNH9crXuhBtjm_8-FrA7brJoO_hWUF7Uh9HYOVhonh5iCHj_gpGEtDrEjWF_OIgwLuxdrIFx4wiFhERO2uI5II6gJYqU2us1EMBl_UNJLzYgPvlaoVZ26uLEYZPn24dtDeQhoFWh_j_mheggW9mBBZKSYHuhsI9syzy97iyLftElFLH9mS3q9PW4C81I2rq9nP4j2PXqdwqKlcARkv2fq5CMqpxBchafqRhXThNDQH6jtOQhWycQuI59STK0En9ZIUftV2KdOQFZ9Jqyy_dhYFBIYJeA4U2sMFFi-TXyS6BxYWeXcAD5q8BfkqOM23xnvqrSLMLUq_WoSNQSQd3wC2Ghb74F911nAQGz4GXHJAt32o2snFJ-PqagedZ7eFqVVYFiB1_0cM9AWheJlVk4PFVV5R3aLUw0YAFj8_7qJ9sE7LVZG_CCRH6FCycgFgsBblaB-JF6pbVauYMUBpZ0MfDyCbL2zawW1Bzijpcd9Fcdr2qMR3RsSpMRB8aKNeFurXncYHq5-gRPLADJLMjhtyQPrpZgvCRGDybKJxuFjLQO8xrZthqzHMXpVpmTZTBRU-c-sL1lcsXBagIXQIypHbQvrXk7PPZOHNfcnyfj0cuAwe19I6E_mRh5ZgaNH3UMZdwIBi_I-LdorK9PenLXgL0B5T9KFaESer8gYQtqQY2q37auue1bJkp6UZIF6QEn7yDqi4-yRLA0nCVPLdJ0QFXElCGb6IfzxUhDU5toiG8akFNODrA1iQWQnLWNHqUDEhc0aSSPLpdTjyaM0M2EGRC9VMPJlPuTOi6OLVRN5w6nzkVW6IkYyCUWhgCCQIk9yv90tjYbnJKQAqf7RqSeBy_YGsgUfr21M3u5gjLs7wZewF0WSLQCuGGa_OJ6rDHlB76IihRA3qfN0LiwR2Fby7W-NrJfh55OIC9GPLwBsa5LIvqhzjA5CBxwvMw1dpR0YMpmQd9FDkMI1S1zrpY9AylIx-Eyf_gNTIDyRNsMr6Ia5ed15NDv5YSzCjyz8gY5Yxu5G1ccb1HSW071cClkqm9t8AHdki0oMyGdseL0lm5S0wGUvSrc1ScyUfM9Av3Te28cCel-4XC1wLBwFUdhxXSCmYKb-s-2nnnjqD8VxITKMNYAKtu7RML4JSRLPGOJZr-7FaMx-BiKQROp3vfW5O0S1rl7pJCltDSo_FzDJIWyNedDiRjAhP8y9JRelYhJUVpkfFQY-uKV5KUsLCvmqLmSya5EMB4wX7Gl8MzVULqNF2TJIKq4Djl736lb10hvQqAbQEJwW6z7eR3zJNHU8x4zBfoBIUidwtISPtzcSlrii1QRxGAA-ZAkAUr5QAz6_9451ykJhzHzZOq_kDu43OrZW6kW5k0MHjE1f2wC90acehJwejTx-6JXuArJ7GkuvNFxLGgPX-oT5Dd7KReiZ2tLI-oBbQGjNGgi_D68YbsGVICgcPzMHfG1sbpQoozNSLgvZ8MU0cMRJEa3ExsSnhAPMhffNEEKg-lSRKcurPebF-EBBTBX8Cd1xT5ijmQCNxXF6SQndyRnYtqZU2mhr4rPiQ82hXRJdK3WmQdYhjSkKA-MhzyRJY9YOAlbXAITnEtftbtaVkfRGVhxBG2gCXXh2kgMhgtQTIBrpUoCZ4LB4qBdTz7LbVJ7bjwuy8ayBjy7_qDzdIBOu3X8CrGmiosEVPm2fGBCarYuoZpKIB7N60Vk6ViFLgZjaVBIKtHCntCQaWPjTuqakBdOI1eMywGwk_cptg6lEkOTg6A7-vTkpCluLq-Vig_n6zDMS-JxKNKCZHqGotiFyFG3Hrx5qimzTVruPKDRmveZhTBBqeblsK09G6AsLa3dDsoU9cuI-IXmLp5SHv5-Da02-TYxmMtPF6KSxGJgInwfNdU66kdSFqalDEXsW40OOihFuOZa5c71Qh8qy7D3Ba3fY8wsoHMreU&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.getit01.com%2F&ds=l&xdt=1&iif=1&cor=592067139324122000&adk=521587873&idt=161&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
73702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 20:42:27 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1BA2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
342341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 18:05:08 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 9E75 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 06:36:22 GMT
expires
Wed, 11 Dec 2024 06:36:22 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 2D7D 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 16:35:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 17:10:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2D7D 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2D7D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
65432
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2D7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
10795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3DAD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2D7D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
54990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 2D7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQt75q60949gCP5EwapMfY67INx3VFJvwFv8ipUXJciMcn9APQYe8rFaiH_BYhoTVLvcqQQUiPlvTNCQsPvT65A7pHyrg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2D7D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:10:49 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 2D7D 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1986401073106465939/ Frame 2D7D 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1986401073106465939/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4e041099f592ffa97807063d0d18c1f3d67487c958e1b3d40bdc8f1b476320f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:29:11 GMT
x-content-type-options
nosniff
age
27698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19630
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 03:22:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:29:11 GMT
truncated
/ Frame 2D7D 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2D7D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DBAF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
28642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9E75 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
2904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 16:22:25 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3DAD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECZTEjSVDO8PY0-DgzPXZWk&google_cver=1&google_push=AXcoOmRUl1RyF4cqMKKTXpyDRzSwpFtDhQVGp7-z1cS_R5ddETYl1MNbe8VGh8S2QnQUGn1mUY9EM7YAg8tj-q235nVvbtfKn9YdFl0
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYxODEyNzkxMjI3NzA2NzM3Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZTEjSVDO8PY0-DgzPXZWk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZTEjSVDO8PY0-DgzPXZWk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZTEjSVDO8PY0-DgzPXZWk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3DAD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFVMZVdGc3UxUmQ2aHI1&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&google_cver=1&google_push=AXcoOmQXVlp7fQnCIHbRdmMqqvJpCLDEBbt6Yi48OPVqJD7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFVMZVdGc3UxUmQ2aHI1&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&google_cver=1&google_push=AXcoOmQXVlp7fQnCIHbRdmMqqvJpCLDEBbt6Yi48OPVqJD7QqAbt3uG-qAOW49ao25MA6nXTjBQjukp8t_5HZokTWOldN1EykjUVoA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:10:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFVMZVdGc3UxUmQ2aHI1&google_gid=CAESEK1uQyKg8FQQ3d2MfiXyiOE&google_cver=1&google_push=AXcoOmQXVlp7fQnCIHbRdmMqqvJpCLDEBbt6Yi48OPVqJD7QqAbt3uG-qAOW49ao25MA6nXTjBQjukp8t_5HZokTWOldN1EykjUVoA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 3DAD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKLsh8Xr5WCQWbFOSPxzB24&google_cver=1&google_push=AXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZ...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKLsh8Xr5WCQWbFOSPxzB24&google_cver=1&google_push=AXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2...
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKLsh8Xr5WCQWbFOSPxzB24&google_cver=1&google_push=AXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
834795421e4b2c33-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
139
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKLsh8Xr5WCQWbFOSPxzB24&google_cver=1&google_push=AXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdIaS6dmoz57T4Qch6D7sYqXSMLs61aW0s9zg5WugJeQRuARSgJulRc6MKNoJDwH-HbxPivZlV9WXTyGYFbJoVDK6leQ2HZg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83479540fca72c33-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3DAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIweyFRuV8Zd1DHIZRMUYSg&google_push=AXcoOmRixdyVP8WUvgy3uuF3aSuQwGcDc0Hucyfw3EZ7hUXSPcY78tzppF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIweyFRuV8Zd1DHIZRMUYSg&google_push=AXcoOmRixdyVP8WUvgy3uuF3aSuQwGcDc0Hucyfw3EZ7hUXSPcY78tzppFAoeODa7JJMC0HCqrqYMMWN62EAnBRpmz9SbziEPl6CTE0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230138-FRA
pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702401050.767737,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIweyFRuV8Zd1DHIZRMUYSg&google_push=AXcoOmRixdyVP8WUvgy3uuF3aSuQwGcDc0Hucyfw3EZ7hUXSPcY78tzppFAoeODa7JJMC0HCqrqYMMWN62EAnBRpmz9SbziEPl6CTE0
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
sync
x.bidswitch.net/ Frame 3DAD 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECdb4IbYnLFyjKZkT-yZfII&google_cver=1&google_push=AXcoOmR5_woncVrMFhjO--QLodjQSv4aS-9UWu2sVGHZJ-LOsrqs8yrWlDAb5mev8ClvQ4Xfz9VEZeI0SJns47Bmyo23psU9KGoNTUQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.231.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-231-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3DAD
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJbH3LTW0GVaaXqcdtoZILw&google_cver=1&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVxPb...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJbH3LTW0GVaaXqcdtoZILw&google_cver=1&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVx...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVxPbp1t4SeKs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVxPbp1t4SeKs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQkOfzEcVXX8MN-QyEd-GOKcpEV5_r78klpw14XtW71A8X7EryEX89cvdVsA9aTWodKjfCP45ZN-NmSO1JDRccVxPbp1t4SeKs
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3DAD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAiIkTmeh-Bnmy34dHLGmOU&google_cver=1&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_eJzDs...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAiIkTmeh-Bnmy34dHLGmOU&google_cver=1&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY3MDExMTEzNDIxNDUxMTg0NQ&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_eJz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY3MDExMTEzNDIxNDUxMTg0NQ&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_eJzDsCvZ5WmqJG-Ze_-ORiXRgEjo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY3MDExMTEzNDIxNDUxMTg0NQ&google_push=AXcoOmTz2S4Iw3lIJyOi-LvEx5rdmMe40mPzEAjvvpSKAueuQsizA4pFuw2t5STUmXwoaPO-o9_eJzDsCvZ5WmqJG-Ze_-ORiXRgEjo
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 3DAD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jo86pgbsSKeE62_n6ic5txjKSzYaMfLtoKsL0ecb21fR_o4tYjnXA1ZWxIeBSuJUnEyY_s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2D7D 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49606c4504c31ba2c8aa4b0986b56795fd8a1a24a31f0899c3eb700d683dfc00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame DBAF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
2904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 16:22:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E75 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B4A7uGZR4ZbnqHYyImLAPqKigsAwAAAAAOAHgBAI&bg=!g4ClgM_NAAY3kmNgF5I7ADQBe5WfOB9ohiz5lyMUbRkXSdz3NTPvdZcZWmYsB-xUA3iBrmO8hxoMB3GyS5QuM-aiXaWHAgAAACxSAAAAAWgBB5kDK7peAAB9Xa4w9DsR_2Ykym1VVZ1OVUw0oqpwRvUGWmyD1IJNZEIs1PoHz1tCA_hGGzEnDIQI1RuhOHzDnxachYvohbWjhGA3pQey43Fd5l5Rn1MT791RhrgINTpnvAfBX-A-VDgJP4QdSZQGcBDAK2l56VHUV2PmuaT8e8NM2M2NHSyOiPKrw0anBXWa_IWeRQOTaH0VLdaqQjFn0ZTxBunr45f417zbZ6SC4fsUmsWSVipINSWpo_JhnU-qDzORqtWS-8KQ-698H7MuHpj_Sio2w6JktW57q8FRHSPA2e-DWTuUP_4epp0ixXkO-MiyDe0Dh97eL7q4MSQFau71LK9n6DKLc5cd1kfahDs5rVvRvIV8xHXUjXCpAGPcaAUynL2FunDKQzRhqBQz4ewdXkDBBXP-VBdt_ZK-mn30Pu_ciFeXLQHTzddWvkhQtP-pdQoiJCM7lnowMiazNbzgF_bAd318mPcxfFpU6az_u5y-Sti2-fP2CNosKIlvtCG37-F4oPVsxcpPnR4f3YJV6pEs_kxdXVPPgVAWlnrTdrJUDF68PKjB3p2pGLId7qqxroHvsE1_XPl21DsOhPbTRJk4iK8JB80fU1QueVTg1_cQ7Wjbi3dkec3vCFsPkllPdYTU28sZFaV8C3Q9oJF1L5cYVse4Ut7iz-sGL3q54sWzKiJ0Ui_jlwtSS8rXaJQ_45MZaczPRjupHfXktKRiV9-vtM5FGWHkmB-LcG_OeINvZr1IiVYD8GOEw5XJCvBRSf6PRLf0gBYEKv3gOl2kfKsmcTNQ1tU2eG54lJbA_HEgbCrdlxW6zA-cE7AqWf8H17LijlwB7DkkV5t5hv0X-Ga0OrTZTo1SGyj0MXK8LUAcoluw5lydv87Jfb1_VEq8Pk8Nnv9sHTCpQwJ5lA8SAoCG7gB02isbtosHMAysfY7eaXv_Dz34uwwDsrAbDZYO2RWzZs7B7QRpkKTjmGA1C_VxgYfH30F_Lx_vTWJH0iKgfv3xLrwRCQEB3iYoO9WiPV8yQcCmtqUWGjtzcDNYow2W10jBwNOe3v7cCTA_3ExFg-ZrHsBuXdGDQ0E
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/9433103165021475414/ Frame A68C 		79 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb8ed9625d17a733c96bea5bd76742f0e996eca6785b91776123707ff43e628e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20277
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:10:16 GMT
expires
Wed, 11 Dec 2024 09:10:16 GMT
last-modified
Wed, 09 Aug 2023 12:56:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1BA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTnWC_I7xbxP-tR2cyRxGVxOOPQ1V6shVCe56yWUIH7xN-amzUgSbVm55avMyv2WizUvgKpAQ2JmGoIfclJChAO07QFrPCnCBdBHCvWOEIy_89jLB5tON4CJUQ_YbYj7mi_Y5GFN25Ehrr7gWAPG7JLXYCcrzNGFdHsAQsNsQ399UN_fB8bTpX3u6gGLlDADkQwfkaXQy2ca2Vnyb3rFeJvSgpROaDaLyTYX_uSmx-C2_VTERgnbeNEnR59ZDyYbRLqWkUrOil-j4Bu9whc3s4YdIcRepQazeoGh_yxKBIWfZrjinjgNbJYfmemsHmIV8NZXqZusThfM2kmJlSmhou4MMAMqtj6c4uduaQMRX0XuDv6mKGgtKT380ttPjxayn-iBQXiYHkKPDRFAy5TgnClbYaQ9eLfZDYpdMhsxQaLGt6x1e_WMINYUgL4-qr5pbOp0JUPEn7YG9ZzCbvaHBAiYcki4tDgWyuYV1HXhMlxaUh7U0LIU4b__Sd2ABnqWfI0mr18WWFgTCfpLn6K8BPGek5D-t_xHMA-uIJd9UezrXoKxFQF_5VfOtuyumk5bwxLkgxNOVC_ey6nJGiW5pUHfHDmGhS814iZ4N9NOLJAE563qPtmKMhQgUMZXoQ7q4oBOmvzBJCY6mdCy11lbsOnzv6AgwwBGaiBw_NMN79mHhI2GER8ME_4Sdn8bWP9ccsIO_wNEc_qM8w8D_YmOpESabQFPXxSCZg4ALGJ7sO7tV6YLPWmL3rqRJJK0VkBfCJNlxCiKUUs-MxwDaW2jdJ5VdDfXc-IBNN5hOmzI9VoPhMdM_y2frcB0o7rQY1TA2_PauF-CamkNw0TdW3lJUjgZ-fE-uwfyfhzhSAtqXRFSSWSvZsxeHQvgoOkjVExY08XiZwE1k0SRdWNYgbkzOJNKJb6kqBE2bskycETY27YnfsRhijYwrz5c4Oj_evGH1aVmw4qtHzvEpiZ8Vbp13Q2QA0AGjit-kEQ-rXPRN2lxkslpPHRfInRGBgGElgI0U85OPyqFhYS-WWbT9t3FDTfctCKpCO8Vpzrs0tX7p_uUdoNjUUp3TEo9vj3Dsl1BX7S8FI82UZRAISX4oDrNYTNBEN8XPxMo_hgnKh1gZZfQrZ9R0HHdlpTm-PJyUsF6m1Fy_tHSR2a5MJVrVNVESa7iqMVks-styylcxmjP6Jv7f6KhfRUyViahWkeXoyaP7kF12LfcM3OCJ4mqLhqKfNTt2ynsRZtyq_SuYNV1AzHrwoBsIF_aRRNP7JWerQp-WWPiz1JSWTCOkLjH0gPsxEZBY-TqjFIqNCbSbZWts7ZiE0Qmm0reLYC55wMRv-BJGA_e_5dGNkAKBWuK4rqs6pOo6F5Ljj&sai=AMfl-YSbrBeYYJc_uGoRdU3g3k8gq_P5lA-G3aRc3dGUVsg8ZEuuBLo7SQX_kn3PtDuEkEhKP9_NNEwvg00DfAaHA5g8UwuYwmpFYGW3y9s4piPpVG7L-AZhWnFJIh9pfnggTTM7U_SXiamjHpXxVTluHGKUti7qK9LiernDhQLsGhSyoMcykdW9uUM2AkmQlZ7KN9KmFPBKcBXDCpNaDpybvIplHwPNUriCSNXfPTuTLU1A8nbMJALptGs6OuoX6n--e2PhTbMBRBODs7Vl_1fp8pQZZNmnSGYhuYweFA&sig=Cg0ArKJSzJ2tprMEmJdREAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=252&cbvp=1&cstd=250&cisv=r20231207.78594&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2D7D 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:19:37 GMT
x-content-type-options
nosniff
age
60672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 00:19:37 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 2D7D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C_jesGJR4ZaKDNdq-9u8P68mU4Abn_6LZdJ2tm8brD_mGl9mEMBABIKuLqWBgleKQgqAHoAGHyOeJA8gBCakCcVT8x7Absj6oAwHIA8sEqgTtAU_Q5uHrWJckPjkXtF4hYA8GpELxjxw0Rkd...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216967630963283347539%22,%22debug_reporting%22:true,%22destination%22:%22https://lebensfreunde.de%22,%22event_report_window...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216967630963283347539%22,%22debug_reporting%22:true,%22destination%22:%22https://lebensfreunde.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22825877511%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227210861718808244769%22}&andc=true
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"16967630963283347539","debug_reporting":true,"destination":"https://lebensfreunde.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["825877511"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"7210861718808244769"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:10:50 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16967630963283347539","debug_reporting":true,"destination":"https://lebensfreunde.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["825877511"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"7210861718808244769"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame CD0C 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1776224780566592&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.1976017289~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702401048&rafmt=1&to=qs&pwprc=7418379027&format=1200x280&url=https%3A%2F%2Fwww.getit01.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702401048818&bpp=1&bdt=1990&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=4835875188330&frm=20&pv=1&ga_vid=85407608.1702401048&ga_sid=1702401048&ga_hid=1847484540&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079920%2C31079964%2C44795922%2C95320885&oid=2&pvsid=3749584760896963&tmod=1278835110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
101983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 12:51:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBAF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHqG2GZR4ZcL4FMzL9u8Pgb6-qAgAAAAAOAHgBAI&bg=!xsWlxYrNAAY3kmNgF5I7ADQBe5WfOAzF61WV91B0F4Yxem6uOKzynE8vyB1SBSzvcwHXVHoSqC5HNHwfYHUBhJcmiSmVAgAAADFSAAAAAWgBB5kDP5jOcGxF6qIwzC29eFqXxnEg2s4pwfZC56TN2sc9ubrn5aSxk_C9jrgghue4h8Vi-BPr9bFdg_F7uLIrrekofwfORUzhFOtNGvMTCGS8G7XpSkXj3aYEVyAT1yFz14SSmC-RP2k-7ejVxWsome8JlBN86LN5MowXzMXNO1A2av2uuvQBQH0zRNtHoAGHuJwv0el5EBTc6qfTvvWZKF_OAKE9Vp2YOO6OS_c0iqFENzL71eEF1HVAN6n4ytn7Hhic-lB5KtXXxgW-AowrA0FV6BMS4KkXd9wmq7MRlB5A8rVdnB5FwYv-mPvfFsCM_77SPQHwuO4oJZB7KX3vCozc7pVdSb8vbv0rJQqqySmgDvlcFk5J1Sw2Hm2tuqzEFUF9iA8iswZbxQAJQs5o-sN_tHTcO5-0HPtf_Or22800UsNxDrITM2asuX4Lx1GWGu2VfebXLIFh303E7GvHJw6xZHguI-lVXkFLPV2n0HnyHZGhCpIaEgtx-qLxEKTwad05Uk2a5OsKFP4TJ2iVDaJov08LVffi6RjDSKLhBGWxcOG0t1Re4EwKmOCDMjXSwBvg0CrYTkmDA7u8AQAwlJXAw3CcQE0QbdjBM2YzomzvVnNTqR5xPBC0dLjursN1c8Wyny3uSAYVTovCIf5IKHysfiWiKPC1Z9GwgHUt8Hg0mmgoVvPeDa0oJF1G384mtfta-_JTgdzQzl9ZeDSq4kNe-rI1ZgWxe02O6o1173K8A0fucyWeLtcMXhNDyKo1SFOHpmA0457_u8jBU5bGkDnYUzYWGPy53m8alzHRzzmpyLm88rz4n4-loUKWWbWZdXpTAduvnySWecmlaeROhNipetkbsDJWLZL1-7rf1JLJDyvsMAZnfOS3KAp9teDi6BJWY-YEW2fZbumEEsxQfHYlYwDzuRtDRscT2BFjxxp7zMpR1JoUTw0EyMdXzc4j7xRhEKXVxVX2VHaBueUJvNR-sfue7bXcfNNbYSsHktY7K-fmkrEm_eaLGHbzvgUI_-f__DmeYGOmM6WEr4qwgNQHDC5XTdUI75yxu_EzsrKZBSu-g25UUbEyGD7HgZdpyC6ypPzkuWXTVU_az9dm0knOcg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-5hneknee.c.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8629 		7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5hneknee.c.2mdn.net/videoplayback/id/b5da4c0e36bce838/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841745109/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C9B93BEFF672281547A6B3CF8A5F51EF67E75CA.815ECCB033C03452E1E59406AB08AAC3F0E4A307/key/cms1/cms_redirect/yes/mh/V3/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hneknee/ms/onc/mt/1702400692/mv/m/mvi/1/pl/48/file/file.mp4
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:8::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
71b670d3bab5627f897a7b4647c7b1ef7bb0ce2460770853f61e3d8dd8989765
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 12 Dec 2023 17:10:49 GMT
date
Tue, 12 Dec 2023 17:10:49 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-7344994/7344995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7344995
last-modified
Sat, 14 Oct 2023 15:24:42 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216967630963283347539%22,%22debug_reporting%22:true,%22destination%22:%22https://lebensfreunde.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22825877511%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227210861718808244769%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 17:10:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame A68C 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 23:49:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1BA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTnWC_I7xbxP-tR2cyRxGVxOOPQ1V6shVCe56yWUIH7xN-amzUgSbVm55avMyv2WizUvgKpAQ2JmGoIfclJChAO07QFrPCnCBdBHCvWOEIy_89jLB5tON4CJUQ_YbYj7mi_Y5GFN25Ehrr7gWAPG7JLXYCcrzNGFdHsAQsNsQ399UN_fB8bTpX3u6gGLlDADkQwfkaXQy2ca2Vnyb3rFeJvSgpROaDaLyTYX_uSmx-C2_VTERgnbeNEnR59ZDyYbRLqWkUrOil-j4Bu9whc3s4YdIcRepQazeoGh_yxKBIWfZrjinjgNbJYfmemsHmIV8NZXqZusThfM2kmJlSmhou4MMAMqtj6c4uduaQMRX0XuDv6mKGgtKT380ttPjxayn-iBQXiYHkKPDRFAy5TgnClbYaQ9eLfZDYpdMhsxQaLGt6x1e_WMINYUgL4-qr5pbOp0JUPEn7YG9ZzCbvaHBAiYcki4tDgWyuYV1HXhMlxaUh7U0LIU4b__Sd2ABnqWfI0mr18WWFgTCfpLn6K8BPGek5D-t_xHMA-uIJd9UezrXoKxFQF_5VfOtuyumk5bwxLkgxNOVC_ey6nJGiW5pUHfHDmGhS814iZ4N9NOLJAE563qPtmKMhQgUMZXoQ7q4oBOmvzBJCY6mdCy11lbsOnzv6AgwwBGaiBw_NMN79mHhI2GER8ME_4Sdn8bWP9ccsIO_wNEc_qM8w8D_YmOpESabQFPXxSCZg4ALGJ7sO7tV6YLPWmL3rqRJJK0VkBfCJNlxCiKUUs-MxwDaW2jdJ5VdDfXc-IBNN5hOmzI9VoPhMdM_y2frcB0o7rQY1TA2_PauF-CamkNw0TdW3lJUjgZ-fE-uwfyfhzhSAtqXRFSSWSvZsxeHQvgoOkjVExY08XiZwE1k0SRdWNYgbkzOJNKJb6kqBE2bskycETY27YnfsRhijYwrz5c4Oj_evGH1aVmw4qtHzvEpiZ8Vbp13Q2QA0AGjit-kEQ-rXPRN2lxkslpPHRfInRGBgGElgI0U85OPyqFhYS-WWbT9t3FDTfctCKpCO8Vpzrs0tX7p_uUdoNjUUp3TEo9vj3Dsl1BX7S8FI82UZRAISX4oDrNYTNBEN8XPxMo_hgnKh1gZZfQrZ9R0HHdlpTm-PJyUsF6m1Fy_tHSR2a5MJVrVNVESa7iqMVks-styylcxmjP6Jv7f6KhfRUyViahWkeXoyaP7kF12LfcM3OCJ4mqLhqKfNTt2ynsRZtyq_SuYNV1AzHrwoBsIF_aRRNP7JWerQp-WWPiz1JSWTCOkLjH0gPsxEZBY-TqjFIqNCbSbZWts7ZiE0Qmm0reLYC55wMRv-BJGA_e_5dGNkAKBWuK4rqs6pOo6F5Ljj&sai=AMfl-YSbrBeYYJc_uGoRdU3g3k8gq_P5lA-G3aRc3dGUVsg8ZEuuBLo7SQX_kn3PtDuEkEhKP9_NNEwvg00DfAaHA5g8UwuYwmpFYGW3y9s4piPpVG7L-AZhWnFJIh9pfnggTTM7U_SXiamjHpXxVTluHGKUti7qK9LiernDhQLsGhSyoMcykdW9uUM2AkmQlZ7KN9KmFPBKcBXDCpNaDpybvIplHwPNUriCSNXfPTuTLU1A8nbMJALptGs6OuoX6n--e2PhTbMBRBODs7Vl_1fp8pQZZNmnSGYhuYweFA&sig=Cg0ArKJSzJ2tprMEmJdREAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=500&vt=11&dtpt=248&dett=3&cstd=250&cisv=r20231207.78594&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.getit01.com
URL: https://www.getit01.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b39f533a57c16e38436367e5c8ecc89aca03faa9358e63cb870a30319fd82e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12098
x-xss-protection
0
truncated
/ Frame 1BA2 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8e9da06eb110773e5da438d0b01aec9ad69980ac1e713dc8c86cfd79220ba73

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
dc_oe=ChMI-drHjrKKgwMVDAQGAB0oFAjGEAAYACC7uKxgQhMI5afyjbKKgwMVH7d_BB279QHE;dc_eps=AHas8cDir3db50pZpc0hBNADQxGS5-Lo_F_vl35hbS19M0F06sD1JAjhV8lFFpoGCdly2BVHFMhu6tE;met=1;acvw=sv%3D959%26v%3D20231113%...
ade.googlesyndication.com/ddm/activity/ Frame 8629 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-drHjrKKgwMVDAQGAB0oFAjGEAAYACC7uKxgQhMI5afyjbKKgwMVH7d_BB279QHE;dc_eps=AHas8cDir3db50pZpc0hBNADQxGS5-Lo_F_vl35hbS19M0F06sD1JAjhV8lFFpoGCdly2BVHFMhu6tE;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D3%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D557960498%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702401050082;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8629 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7AgzGJR4ZeW7BZ_u_tMPu-uHoAzg2JnNc7vjxfzwEbCQwf3qQBABIKuLqWBgleKQgqAHoAHV_dbDKcgBBakCcVT8x7Absj6oAwHIA5sEqgSYAk_QOWqxXnVsSaa-gapk1uIwJJ9YdRt-1s5PkQPtKRYvDtnznn6zMWGP6BMKge_J-fa2jibjsvSX2X1XNIV52QwXlbsdrOm9QTDAEq-4Ix_I0n9R1DEri2zwB9vTYSLdpemcZmFiE0ilJNPgFTue5mb6VUM2O6tp79WlcJRaA6GTJxdRyDG4wTfzHUrqmbNap_xGAT59lkkpS2nF4z0Owz8tuuLW7m4F9LVA3bJ5aOOMMkNTjZwbXJCBcO_1SKM0tmMKfc9tukg14LBb9noEdFb7FWJzuu1nGgsNASx5lC5wNYc2aln-i7eXTygbYEIRB3J_o8M9UIh8285IxWUf7M8qxdZPj2Bk7TLBmgCh5vDCZ05_bQgL5ujABKCo14zCBOAEA4gFs5Sf_EyQBgGgBk6AB9W1p6MEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9uPtjbKKgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATwOigFdgTCogUBNgUAdAVAfgWAYAXAegXBLIYAyIBAA&sigh=HUWEvEOrvIs&label=part2viewed&ad_mt=4&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D3%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D557960498%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702401050082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8629 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKq6APQhjrmmwoi9SRT9YJXwNPgqkJzt9yUV648l-xI-eY8lWi-yHtxPV2Dzu9G9yXRQGCUwvL7UHSKf9Ns4SVILS22p04fEF5VObzpvcHh1Sema5xIkBAvhOWEIVUtd-9ue3u05vOE2DLNFBCWmsA8EkzTIaIsotC0v1E-_BKf9FFMNUrG2zDhredX0LGhXkyLJwY-Z92SXGtY63GtqK3I80ADhKLDruQAuXCG8Qm4OGNJ1eq_CZ9Q0UqvE8MYDuhCk1C9EdL6F50DtqBJWoOycT85JjHXBDtEym-Cka9v7n8Xb_OntDDsZKfRCpuxFTMmPWL0SLo5T6SrUwo7OQlEjpWL16k_sybHeQyheYHEooQ-MGt_FN6IwjGWWtWAWKCwHYiWDtsPd0gypV4faq-XL4a9_IBcifyfncoyFcpC6ap1cg2PgF5b8yijRCz0n_oKNbbOwhLl8jzPUn3Ei0ENnCu7bddEuYhcR_2P3yzTB5yEB826qnV_OsrdL9HhHjb9WYJBzIZclNURFPE0b16XSqKX4AcekTCTy7v-I5xBv8KcCpZ_DW8AcigRSEp2SAk2MWsmH2Xnw52Xd5lio53qX0OP0JiHlfB0zpVy0t-VpzAeoY0ZuPbIF6a6ciwOrj5FGxVLW7EMAzJO2-RDIc3uManOKsr8cK6WKQtpymGgdRF_MG9rk99a41HzVI8M6Oq5_Dp-W5ie6NW1T0cZv6IicDSAWCZDbV0PFSyLubSGdtDsEI1gwpDn5zWZUScZGBeO2HT8owR5pPZ4E580Khb4QVYjZhpcsuPeBcJXYjyHbwA26nGxU9IUmZ97KEsBg-18Lf3OkTjeQ0OKI14_Z7-854li8-UQGMinmEFh13oDcdjq-Cp-EImECezB6DwH4dLrbvQHftwDzTdNB5sQfH671nsf5sGNRMEUdKBSSv29ToYnWadvzKXf172ArS4h26cDHHLkdQmfX9IKoCcmhR_zPqcvVoiCA36hV92oEM2HZlOKYTM4uFZksvzzqBtZC0j6Oxy97Ho6sKDW0i2VtSpY6fTM579Veavp1vHq7VWdYVje5tnGEyDEfB5PLEDfh8uK8qu_ZI8NqJeNaNVwMQwGnJDIyunKsEtNQlF6pRhpVbs6tnGw1YIRr-Vm65dQELOjrc6YXCwR_IsHr0YxUZX914o5r-KFeQ4loSbfJN8BQ1uEzLoRlK9sn8PQTEATPL850aEJNZs982sH60QJZ_4VXTF5vHqfHawLL6sHONMOtai5G3IbxIJ70Da8JJyWFiqzRdP7HwxRB3wKJpNZFnu5TX9y3eg6gD6oVzvvDSuZvHEtyO3h7cI8JG5K2QWcsqIYNMF-r5pRZt9gms_2VnRU9HXI1zxkK2orgi_YAITKRSWaA&sai=AMfl-YQPJgVtCExYm8D9yFApYO4D3FDjEgYRh08GxG_SfY17byknRHQX-9AMWY8X69uUvJEH0tR_wzKLox9RhBzCBWr1_nRw7BmTSV5f2ubQixVnq5nvykKuoxsyB0PwXbCUKazpx77C9KWKBeThpaxx8U03whd9Uv3VfVGxk__Wc2B-y86DHvqa-slGnhfDslVpRlbdJcHmtXdw8XrIUMrpHasleX4Kam68B2HPNSd8b23F-QA3vVk11rH8fdAuYzqj0bP9n69EUhCCZsiBc-Zsjv0CVBxaF3Q8tTP1-ChWwH3X831xpBtEGpjkZFIJvzZW&sig=Cg0ArKJSzAK0CFYzC707EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8629 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_Qg6IEELm--M4EGIiz0foBIAEwAQ&v=APEucNWpS1bleS6G1MMyVp-CgQndl_UGrAawConNT374AZZHknDWqGy3mc5v_8Fvghw6LrsF6sSIGlVeosdCTKVxYEJIXIYSBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8629 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8629 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEj7zSu3BHcFxWjaHstALjLNiYZFTPpiL-FUSGje17uqv8PbMuG8hdl3yQVVAB1Wut6Q3hiO33OHBIB7EOZgQQ4bCfuAXhiLauC110wAhUHTvDnXNHIheUcYQaBSJ7aVyDALp5-tSHcEIoRGf1vIM07Kr8&sai=AMfl-YQokyI9MjOZNAAZXHHBLHxlrZYi5xl4S3EOuodbOu7nFsIg3NhMU7Aaa-IL6rpyphoDx5ssvP4SFWnZM8-jgSWI3j84YT7oWmRxJzxPrPm4CT-JdvjTo5p1qlTfJXPva4zwHxWZbJxR-pApYckD&sig=Cg0ArKJSzPXmzIAWJYdxEAE&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D3%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D557960498%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702401050082&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8629 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7AgzGJR4ZeW7BZ_u_tMPu-uHoAzg2JnNc7vjxfzwEbCQwf3qQBABIKuLqWBgleKQgqAHoAHV_dbDKcgBBakCcVT8x7Absj6oAwHIA5sEqgSYAk_QOWqxXnVsSaa-gapk1uIwJJ9YdRt-1s5PkQPtKRYvDtnznn6zMWGP6BMKge_J-fa2jibjsvSX2X1XNIV52QwXlbsdrOm9QTDAEq-4Ix_I0n9R1DEri2zwB9vTYSLdpemcZmFiE0ilJNPgFTue5mb6VUM2O6tp79WlcJRaA6GTJxdRyDG4wTfzHUrqmbNap_xGAT59lkkpS2nF4z0Owz8tuuLW7m4F9LVA3bJ5aOOMMkNTjZwbXJCBcO_1SKM0tmMKfc9tukg14LBb9noEdFb7FWJzuu1nGgsNASx5lC5wNYc2aln-i7eXTygbYEIRB3J_o8M9UIh8285IxWUf7M8qxdZPj2Bk7TLBmgCh5vDCZ05_bQgL5ujABKCo14zCBOAEA4gFs5Sf_EyQBgGgBk6AB9W1p6MEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9uPtjbKKgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATwOigFdgTCogUBNgUAdAVAfgWAYAXAegXBLIYAyIBAA&sigh=HUWEvEOrvIs&label=vast_creativeview&ad_mt=4&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D3%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D557960498%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702401050082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8629 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lq2lmoqe&c=7912811281826&slotId=3956405640913&qqid=COWn8o2yioMDFR-3fwQdu_UBxA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3711&mt=video%2Fmp4&vs=1024x1024&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=198656&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1mv~ff.1n1~videopreviewstarted.1n3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
120X600-frame5-Iban.png
s0.2mdn.net/sadbundle/9433103165021475414/ Frame A68C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9433103165021475414/120X600-frame5-Iban.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd91b557daffce07d50f5ae1cc005d0f598ebf8fcdc18f89bb71774547d8bd4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:17 GMT
x-content-type-options
nosniff
age
29793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5900
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:56:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 08:54:17 GMT
120X600-frame4-card.png
s0.2mdn.net/sadbundle/9433103165021475414/ Frame A68C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9433103165021475414/120X600-frame4-card.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b25b043219720edc6a452b5976a155feb86dd26856eaf231f78fa90628a66516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 18:49:52 GMT
x-content-type-options
nosniff
age
80458
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12514
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:56:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 18:49:52 GMT
120X600-frame3-phone.png
s0.2mdn.net/sadbundle/9433103165021475414/ Frame A68C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9433103165021475414/120X600-frame3-phone.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef6a97d2083380d668166a38af87594dc582c7599da9a292c026a2e71a743343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:55:50 GMT
x-content-type-options
nosniff
age
29700
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17589
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:56:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 08:55:50 GMT
120X600-frame6-text2.png
s0.2mdn.net/sadbundle/9433103165021475414/ Frame A68C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9433103165021475414/120X600-frame6-text2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f364f8d7ba18d012e57588f848b2e31dcad403d7bfca48d5c6903e9fcf552e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:51:55 GMT
x-content-type-options
nosniff
age
29935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2094
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:56:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 08:51:55 GMT
120X600-frame2-text1.png
s0.2mdn.net/sadbundle/9433103165021475414/ Frame A68C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9433103165021475414/120X600-frame2-text1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bb726a9a168366b66a2cdd7590c570a0a7850b64ec306b621030b4ebeabd55c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:14:07 GMT
x-content-type-options
nosniff
age
28603
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2898
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:56:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 09:14:07 GMT
120X600-frame1.png
s0.2mdn.net/sadbundle/9433103165021475414/ Frame A68C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9433103165021475414/120X600-frame1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed617769ea2c045c39f00af34a2668f8ab8b1473865193f0ffe7267beca22fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9433103165021475414/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:46:51 GMT
x-content-type-options
nosniff
age
37439
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4703
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:56:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 06:46:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BAEC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJIkealDeRrApX3OiXoa5KprPn0GgDaaZEx-E1lUvC6Re2M2-0xzaC17ZT8l_xJCGcc9w4JIhBJA5cIOWXJX0n_zPC2kTQenxoMM9jizYj6AvhEWS6tMcxBFTUALK6Q3myRl8hs_bLRxn6ebNN0_16RIVS&sai=AMfl-YQV8ycPaQXM6NZ1X3IJL-3hSPBzJGI8uxHXPdFtd3TyU-uiFNXu6SwSmH1Q24u859kyIwRIBbztbatDIgXh1awwOYPUZyku1g_S--ifGF5uj56I4WSktC931dRYPYWds1tlrNAJueTAaQWUSDI4&sig=Cg0ArKJSzNgOOHRSPDuNEAE&cid=CAQSTgDICaaNQDP75xuvwV4SYzXocQwJVRHjP7cqBhYi9FXKkACyh2kpYmg28pidu8nlsxSjh_TJVwQcbZHeG73zesWhoQTOGcKOOpsVP612DhgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3809598800&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702401047967&rpt=1132&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1776224780566592&plah=www.getit01.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 17:10:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8649 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:10:56 GMT
expires
Wed, 11 Dec 2024 14:10:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 46E6 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f8045d14ad25e607dd680ac69747dc63264cbf416a029dc3457bd90e56b93ea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r49oUe-Q7ApDDYNWOPvHXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.getit01.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-r49oUe-Q7ApDDYNWOPvHXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:10:50 GMT
expires
Tue, 12 Dec 2023 17:10:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8649 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
2905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 16:22:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 46E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3749584760896963&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8649 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Q_lhNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 8629 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lq2lmp61&c=7912811281826&slotId=3956405640913&qqid=COWn8o2yioMDFR-3fwQdu_UBxA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3711&mt=video%2Fmp4&vs=1024x1024&dm=15000&met.4=vfl.1sv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5261561089566&version=m202309260101&ct=119&x=1&cor=592067139324122000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1BA2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6ed1fLZqk8KmkT5oV8erGozSqV_UVlIhaAcF6JCHqGHHTCIx1LhiaBps2NmjaWea_zWhej910cb8FVNvNV80vw7CUynWTuY1h6Dp_cWiONRiDoetTEU6jzE6CCADGtpi_e4TbhXU8us0Jdf8VVzYhm4CK&sai=AMfl-YS7S6yoiiJgb_22_kpzMjQMGJiutU9alHzaz-14ToXxWUbSsU2BxdqfFeYR9rqDRzRp0QLboh_BvkkGcHKtT-qDyPIDLU7NsEXfcElweRQjzZDWalIQC_zfrFRQx4ZbmCSOlXQqvK_2kmtHXtEV&sig=Cg0ArKJSzHLGmiZXLbu_EAE&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702401049058&rpt=524&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3749584760896963&bg=!Y2ClYC_NAAY3kmNgF5I7ADQBe5WfOAwk4GYNdTVaNhn-IPMyREDgwH1dUEiovSj-W6uDDTBYjlf_PzPBCMaT-iJx-50pAgAAAEJSAAAAAWgBB5kC_l0LWosCucgwDdSY-9SJa6JYkr-VofSXowrlfOezuIQWF8CdtsXYPGIuUwS67UkP8w7r19IoftjGfmJbK3in2FtVfc4zWMaSZvbpSl90uK4-H8m1WAlpfypnNDlB1b18mxri60rY78qqt38yOxCp-6elNN9r0OjUFiEcnfaNoDRMTpnQ3-ZGBv7m7MxwWPlML8wxjY_U9NqKVlujD6kJfldQhdpiOFhMeBCWY5LaDPcfW8MuZwx9mi1R7H67bFQyFT6Viujz3r00-saSvoEpbCr5VBRo5FXtkbVjeMBjquVoVy_oiYggNfhuhQ5bd2vqT76WRvA2reRL3zYJmck6i15zbhvjGoXevpAqmphgipozEMmuZ0xxTsBrp-0TRKvlYum8jqkX35f5SSGtHtIqaEJbJ0sN-kRgXSflUIf0I-i1rNgernSabhiUujb1B4oWORkO2wNU_NX4cJrI4Ew-o2LiuJiTlM7STwy-FUbaonmON6-q72420SJgSbsmfFmMMRj2kHH1zx5eikJMemB2UMJXwNwuM2noa-qP_TCLq6IiBIBWgJCGBFkF-Cr_9R5F3KysRPzNnffC5apJBhGqeuQDpTTSRioyzbqO-UObtmMkoZsxno29uMEWQsHL0kSuhE_bNTGY-V3NxGFgBzpN2VBmy6Q42Jytf1xLDMQPKAy_c6PH9BS5kRWHu_okLAE8DVY7eqd4yYvqXs9Ehh0vesUqnKQpWeEzgrMNyC1p3fP72N4zhUm0Pupxir2tddCsjCiJHvaC2DaPBNSDaLeiUWvbQpCqTt8ZqeyjTh4DuvRcS64jh6YKchQW_82W2AB53lZGzSCACzdQkr2_ywUcpZGbiZaZ4SLiWqFjvpDrpDPUnJGleMzxBOZKDQiHXYV_kOsZGu4CD4mXSXDJY96p9Ihwr9WWoB6_n0ZFh-nZjGilUpJrkXMe2lJJNhLhDsVurKlVyjBqFiCC_O8gAxqzVur6g7D3S1EFScgKrXAwkiE8vw7-IL97FbfvaLrkvh0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getit01.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 8629 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEj7zSu3BHcFxWjaHstALjLNiYZFTPpiL-FUSGje17uqv8PbMuG8hdl3yQVVAB1Wut6Q3hiO33OHBIB7EOZgQQ4bCfuAXhiLauC110wAhUHTvDnXNHIheUcYQaBSJ7aVyDALp5-tSHcEIoRGf1vIM07Kr8&sai=AMfl-YQokyI9MjOZNAAZXHHBLHxlrZYi5xl4S3EOuodbOu7nFsIg3NhMU7Aaa-IL6rpyphoDx5ssvP4SFWnZM8-jgSWI3j84YT7oWmRxJzxPrPm4CT-JdvjTo5p1qlTfJXPva4zwHxWZbJxR-pApYckD&sig=Cg0ArKJSzPXmzIAWJYdxEAE&cid=CAQSTgDICaaNOsNJwKfFUQn3i4v7mbTiTgYePwPJNuAiT4LTr1_Ea3tWHTABrjLH5DG-2d8OUMgV3r1uYRyxqt4eyUo_o_mtFqbwBIwwzOk2SxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,191,119,309%26tos%3D2001,0,0,0,0%26mtos%3D2001,2001,2001,2001,2001%26amtos%3D0,0,0,0,0%26mcvt%3D2001%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2162%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D201%26dur%3D15018%26vmtime%3D2168%26dtos%3D2001%26dtoss%3D1%26dvs%3D2001%26dfvs%3D2001%26dvpt%3D2162%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D557960498%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2001&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1702401050082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:10:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture function| $ function| jQuery function| gtag object| dataLayer function| turnoff object| FB object| __buffer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| addthis_product string| wp_product_version string| wp_blog_version object| addthis_share object| addthis_config object| addthis_layers object| addthis_layers_tools object| addthis_plugin_info function| b function| grin object| jQuery172003352267681829124 function| SidebarFollow object| wp number| h number| t object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
.getit01.com/ Name: _ga_13XVBKN7TR
Value: GS1.1.1702401047.1.0.1702401047.0.0.0
.getit01.com/ Name: _ga
Value: GA1.2.85407608.1702401048
.getit01.com/ Name: _gid
Value: GA1.2.1538363989.1702401048
.getit01.com/ Name: _gat_gtag_UA_109930472_1
Value: 1
.getit01.com/ Name: __gads
Value: ID=380017c014d06f2f:T=1702401048:RT=1702401048:S=ALNI_MalE7iP4gkAGiA9JBuynR_s3ZtWAA
.getit01.com/ Name: __gpi
Value: UID=00000d18f42c21dd:T=1702401048:RT=1702401048:S=ALNI_Ma4UgYxXRN_3ZDQXY13eSS7_QzTfg
.adnxs.com/ Name: uuid2
Value: 7479413472726815093
.casalemedia.com/ Name: CMID
Value: ZXiUGe9utrr9ey5fbg8zfwAA
.casalemedia.com/ Name: CMPS
Value: 5290
.casalemedia.com/ Name: CMPRO
Value: 5290
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVPdRJ1L!]tbPl1M>e)ZlrFUfJ+tGXxoHD(`iLEX![W<wC/+Uxq$^FyYijYZT*lS(nW^3If)y3KL9D3I?+Wq8$_h
.doubleclick.net/ Name: APC
Value: AfxxVi4ruDSSzDuNt-itdQ7udnXsxHIXL-83Rq9mEr18Q0GVkI_RrQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUm8JQ5HR00O_J3wy8i7No7K0NQFZekiNbKjrDBO809lsFOAFsLaVVt6r9Effu4
.w55c.net/ Name: wfivefivec
Value: lULeWFsu1Rd6hr5
.w55c.net/ Name: matchgoogle
Value: 5
.turn.com/ Name: uid
Value: 8618127912277067372
.de17a.com/ Name: guid
Value: 1.4003374296197670896
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6670111134214511845
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXiUGQAGa7HZWABd
.tribalfusion.com/ Name: ANON_ID
Value: aent6Zau4YUdmqcn62woCWZahDH7kNfBpsZd6anu2WZdMh3tJrEUse0qvpwhTxqMltZbJ239ywQZdtmZcnRQrMGx0sbaQ05StsZa

1 Console Messages

Source Level URL
Text
network error URL: https://www.getit01.com/so.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ade.googlesyndication.com
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d5p.de17a.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i1.wp.com
ib.adnxs.com
imasdk.googleapis.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
pm.w55c.net
r.turn.com
r1---sn-5hneknee.c.2mdn.net
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
s13.cnzz.com
s7.addthis.com
sync-tm.everesttech.net
tpc.googlesyndication.com
www.getit01.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.64.162.56
123.176.98.192
142.250.185.66
142.250.186.66
151.101.2.49
172.217.16.130
172.64.151.101
185.89.210.90
192.0.77.2
2001:4860:4802:32::3
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.165
240e:933:c005:2:3::3c9
2606:4700::6812:18ad
2606:4700::6812:acf
2a00:1450:4001:801::200e
2a00:1450:4001:802::2006
2a00:1450:4001:802::200e
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400e:8::6
2a03:2880:f084:d:face:b00c:0:3
3.121.34.204
3.67.231.56
37.157.3.20
74.125.206.154
06011611d00820a5c704f3650ade035e47b50a8ad7bf5afa4952dc79425e362e
07f3dd5ec4c8ae1afa899d7b35a2795cfb0919cfd400e304aa1379881a7469fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1433149d007e2ccf80277cc021c4e0faa5a21268601c6fe8105c0d95c95be189
16327202b6c6f02d8a16fee2fb2d2dfcd648d6a608b2981a70b09dfb1830c92c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f8045d14ad25e607dd680ac69747dc63264cbf416a029dc3457bd90e56b93ea
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
220d76251785413e66fd2518a8b11654db8a96311f7a9be268fc51a824bfec0b
2704a686f90279cdf6fdf1bd628107b1413f1d378f3536c42ab1d9b56cbc4137
276407730311109fcc31c5c48fa275320652e6ea1f598d7cae3f81b2ea6d922a
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
299961cc5f6b7f2390391a8b8118cdab793ce4a0775206f55985eeab5e436d0a
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
340c40d9cb50207b8d3925599f0cf07710852495074ef3a7879cd8ac89ce09f1
36e443a6531661eee74751387a15ad11d2c2adfb0cc39e2e1efad33b3ff812bb
3829619de1d026e00874e51075a83a77e5d720e899f94b8b8dec91a4d2709080
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b39f533a57c16e38436367e5c8ecc89aca03faa9358e63cb870a30319fd82e7
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49606c4504c31ba2c8aa4b0986b56795fd8a1a24a31f0899c3eb700d683dfc00
49cbd25c48929842a5c78e328c32d169deb76a9cd9a97040f828cb561d982389
4a6d536534392fafad965c35040ae68d838672597111613a5457c7e5ce82bde3
4aae8284254ffeb76910654a64252664661ac9424a668f04580ceb013db4ef0f
4aafe3688c4843dc2892d2010d5819dad43fb5cf1c9dd8aa526709b895b167e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5490cfb1d7225479587d6a10c5dd562df11a33f86ae4069b07bf380f4b93c8c4
55952c11ba201be1e0b5f6830f3906ae0883ba9116d2824d38bdb32473a32176
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5baabf76701d464928746c561cde880c38bd8c1a3fbcde7acab7944ff1ab3fbc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f4654a6d1a8063ecf29ca8d39f7ec925c01385c78ca42eeb951e69d282474b5
6139a3e5b026c5a5c2dab668a0560a8b33cc21676ff52d9ec8ca6c745199935b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637db62ae229b0d1da6d1460f13487d73d610f0ff386f134c8238412b7f14560
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb726a9a168366b66a2cdd7590c570a0a7850b64ec306b621030b4ebeabd55c
6e8f16665887380a04f274dba338dcb75d131888b40ed4ab570a6cdc0c7add74
6f6a3edaded20129e09367da71770bdb24ff3479863f6169f9a801a63aaa1f00
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71b670d3bab5627f897a7b4647c7b1ef7bb0ce2460770853f61e3d8dd8989765
7c4eea0989cb261e33ed636725b1edf5612105084b3236ca4f0a8c613b764d97
7c6380e9985c8e4982f41f8dba64d6b1c4a7997d0aa635d9f4bb7643ab815248
80e6a177a8e2056826ef7da65272b7301cc0979c06fa59a9653cd2bdce8b72eb
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
958108fcbd4baf9d9784be557498c279537510f5c554e3ce97631fc28d37dc74
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4e041099f592ffa97807063d0d18c1f3d67487c958e1b3d40bdc8f1b476320f
a8ed036768def7ddd797babe1ce95d0891d0b80fb58132e413cb6d4bfd608171
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25b043219720edc6a452b5976a155feb86dd26856eaf231f78fa90628a66516
b25ebc9b5c763bf472383d5926ae7e991b5868523f4ed774cf92c921627efc53
b46356818bde5ed6af112d5b8eec4a953847c0df37d9e7c394e2016c7eae8fbb
bab6cdbe3f9186c374c133cec7c54fedba74e40f60094cf7931e38fd33634d3b
bed617769ea2c045c39f00af34a2668f8ab8b1473865193f0ffe7267beca22fc
c0c241a1b5c07a4e26d41b4d88b6215765f089d0d6c08c005a1d36f101d35dff
c23627dccb22a7fff7141f0ffe282891eb02fb87d8a4a636ad08d7429e7e2103
c3146f3b2352790df1a16f92f3d50371b5e0cba579ab9ef3246ae2d17f1cdd89
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c8e9da06eb110773e5da438d0b01aec9ad69980ac1e713dc8c86cfd79220ba73
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cd91b557daffce07d50f5ae1cc005d0f598ebf8fcdc18f89bb71774547d8bd4d
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da9b72eef4c8c4c51316c51297bb8f9d1010fa8c0b9325c8bb7ba7dfc5a2cd60
dae079037d3294884550accb1527bc1326fdcf5f0a1f662664b39934d2dca8fc
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1b05523d353a769838e360e853c890de8a11c113b69c97adfeb12786735e156
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e869d2bacf46b9b3b1d4be10693757facc924b5c6298aee9063bf5a553e3f2ca
eabd7d007c9370773dd2f7b346dbc22648d0de8fb5574f2190722049b1e894ed
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee863978ac471046a74113d8fb754d19d52cef822179b2f9df9f173e8f9f0375
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a97d2083380d668166a38af87594dc582c7599da9a292c026a2e71a743343
f364f8d7ba18d012e57588f848b2e31dcad403d7bfca48d5c6903e9fcf552e18
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8e743c54677670479b1454e4f8296bbf3013609dfb62c72ac190a09ec8940d8
fb8ed9625d17a733c96bea5bd76742f0e996eca6785b91776123707ff43e628e
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1