www.hisour.com Open in urlscan Pro
2606:4700:3108::ac42:2909 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hisour.com/
Effective URL:
https://www.hisour.com/de/
Submission: On November 06 via api (November 6th 2023, 11:47:33 am UTC) from US — Scanned from DE

Summary HTTP 200 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 28 domains to perform 200 HTTP transactions. The main IP is 2606:4700:3108::ac42:2909, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hisour.com.
TLS certificate: Issued by GTS CA 1P5 on October 21st 2023. Valid for: 3 months.

This is the only time www.hisour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 56	2606:4700:310... 2606:4700:3108::ac42:2909	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 47	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 31	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	35.181.109.179 35.181.109.179	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:2415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2a09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	18.159.56.100 18.159.56.100	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.196.230.223 18.196.230.223	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:abeb:a582:6f70:20cf	() ()
200	38

56 2606:4700:3108::ac42:2909 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.hisour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.hisour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.181.109.179 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-109-179.eu-west-3.compute.amazonaws.com

wiz.sncf-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2415 (United States)

ASN13335 (CLOUDFLARENET, US)

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.84 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2a09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.56.100 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-56-100.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:abeb:a582:6f70:20cf (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	821 KB
56	hisour.com 2 redirects www.hisour.com cdn.hisour.com	3 MB
26	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	244 KB
15	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com	198 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	357 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	91 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	3 KB
3	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 17389 ad4.adfarm1.adition.com — Cisco Umbrella Rank: 51140	11 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	603 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	400 B
2	adlooxtracking.com j.adlooxtracking.com — Cisco Umbrella Rank: 13670 data00.adlooxtracking.com — Cisco Umbrella Rank: 11098	28 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	142 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	715 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	614 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	63 KB
1	sncf-connect.com wiz.sncf-connect.com — Cisco Umbrella Rank: 367452	6 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
200	28

	Domain	Requested by
34	pagead2.googlesyndication.com	www.hisour.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
33	www.hisour.com	2 redirects www.hisour.com static.cloudflareinsights.com
31	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.hisour.com
23	cdn.hisour.com	www.hisour.com
13	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.hisour.com googleads.g.doubleclick.net
10	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net www.hisour.com
5	s0.2mdn.net	www.hisour.com googleads.g.doubleclick.net s0.2mdn.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ad4.adfarm1.adition.com	googleads.g.doubleclick.net ad4.adfarm1.adition.com
2	googleads4.g.doubleclick.net	www.hisour.com
2	p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com
2	www.googleadservices.com
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.hisour.com www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	imagesrv.adition.com	googleads.g.doubleclick.net
1	code.createjs.com	s0.2mdn.net
1	data00.adlooxtracking.com	j.adlooxtracking.com
1	j.adlooxtracking.com	www.hisour.com
1	wiz.sncf-connect.com	www.hisour.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.hisour.com
200	43

This site contains no links.

Subject Issuer	Validity	Valid
hisour.com GTS CA 1P5	`2023-10-21` - `2024-01-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
wiz.sncf-connect.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
adlooxtracking.com GTS CA 1P5	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adlooxtracking.com R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.hisour.com/de/
Frame ID: C25F1D040300C9500965A2FA0C0128E9
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html?hello=world
Frame ID: 299C615AF377AB9BEA841AD75ED0873C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&adk=1812271804&adf=3025194257&lmt=1699271248&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271248669&bpp=3&bdt=1878&idt=170&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8049627207339&frm=20&pv=2&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: 16E4241283EBC2B8B5E46832DE42409D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=200&slotname=5463832523&adk=2637018234&adf=1111442253&pi=t.ma~as.5463832523&w=1200&fwrn=4&lmt=1699271248&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271248672&bpp=1&bdt=1882&idt=203&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3N6NuTgBfH&p=https%3A//www.hisour.com&dtd=208
Frame ID: EB25F4C8E2B8BB971DA861DA8CEF89A4
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93E30A3762295E2C5BFA0C3ECBBA4B82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A25E4FDAB3C287E087BA3479D993C672
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js
Frame ID: AE76BC4471CE232AFDD124A79F98730F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Frame ID: BAC20204CB5F66B222842BB8DF404DF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1
Frame ID: F305E912E4AE39C4D0EA71103887279C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1
Frame ID: 6AFE10CD36F59129EF62693A352FCD3C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1
Frame ID: A3CC0900760FEA899C50815C8FB7D917
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1
Frame ID: 226752BFD6A9D7110B2218797A4DA409
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_2ahDh0owBGNuSgeQBMAE&v=APEucNXQQHbLBHjgevMHLqb5ZusBQcC8GK5ZvtPbrKyYgbb8upgM1jvbiZNJJPlEbsBA7KjQxk9gZ6UQLnzAeIM0yY-Ho4APX-h_v6R-vHpQ3z9-_4zipIcqHkO7p9qT30FgnwF-F6Ck8grfdr2mgM5JbzZEk7Xnehh663EeJILLDFoyV0P1CGo
Frame ID: 9A63C0911DB26D62F346B8D04771996B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8C12DD3C85A9B8C8EB30396AB08A1F11
Requests: 22 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D8CE187E1167E0D876DA8A01903E3AAF
Requests: 7 HTTP requests in this frame

Frame: https://p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 83DC85EA3606476D69C96B606D407D96
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js
Frame ID: 2C08407E571EFC8246862D422D299145
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js
Frame ID: A2D6BA59845F7D645D5744A7F58A96C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0A0F61F452E1E54065E4F2988EA1B001
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js
Frame ID: 722BC686B568F77A7DF2E18CA5DB5ABF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17329333187277136373/FIL_ROUGE_phase1_728x90.html?ev=01_250
Frame ID: 04028282AAEAA2D7BB90D0BFF471C233
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBi30-T6ATAB&v=APEucNVk32L-BQdt-ZZICp-bx3yJWDH9ORJB2pTKzRMaFrJEmbI4E0puWLCKHrvZ0KZRumWGpMlndFPPyry8E_hMqF6RZEqu8wObI_0yG9152TymJqQdMTGecTveNmO0kjBlA7pQDlUn537X0ldGmRALEenXvy94JGxHJX3RNyBXMuQhEYRKBGo
Frame ID: 21D8A914FE76576A6E04B903EBBAE562
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D7FF068CCFC377D546AE101D41996E6F
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 44E0F0A2DAF975883F3812C93A69DA69
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0798C72946D73F5B0203B7C3F4CE8883
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HiSoUR Kunst Kultur Ausstellung – Virtuelle Tour, Kunstausstellung, Entdeckungsgeschichte, Global Cultural Online.

Page URL History Show full URLs

http://www.hisour.com/ HTTP 301
https://www.hisour.com/ HTTP 302
https://www.hisour.com/de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

200
Requests

94 %
HTTPS

60 %
IPv6

28
Domains

43
Subdomains

38
IPs

6
Countries

4891 kB
Transfer

8753 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hisour.com/ HTTP 301
https://www.hisour.com/ HTTP 302
https://www.hisour.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
https://tpc.googlesyndication.com/simgad/3995853839924061625

Request Chain 93

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmh05UNJIZZH8Nvmk9u8P-I6bMMjI0P9z_buPjeoRue7wyKoBEAEg8-S5HmCV4pCCoAegAaHAmPEoyAEJqAMByAPLBKoE2wFP0G2ocKaBegnMg2rCVJe7Y4Dsg-PAj0XMNOvlzNT23-WKp5Y13wHs_vuQ_3MgQx2X146CIv52KXmLfoarkpjkMStAnPDZDrJz0w7CeanUGaUoIXVPhLDTrIhIQ6z27ilSaeVXItFJXC3juMNw-nlouUgSrkT1tKvtQ3R7i7S1h01w6Xg0ngYj6zsXxjRfbC51obdP_0c-yPU5KBi-Z9iVpAwSHktZGXMUW3_6Cf0RBhBUU1DPxh5Il68wHAuHJMhDU-fPLixT8R_kNlAKQZ4riqbtBZj_sqwGMJzABL64tffCBIgFtJeZ-0ySBQQIBBgBkgUECAUYBKAGLoAHnfykowSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ44oK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJgQJodHRwczovL3d3dy50ZW11LmNvbS9kZS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTc2fmRlfkVVUiZnb29kc19pZD02MDEwOTk1MjQ5OTg1ODgmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMTExMTIyMC0xJnRvcGljX2NsYXNzaWZ5PTEwNIAKAcgLAaIMDCoKCgjktLEC7rWxAtgTC9AVAYAXAbIXHAoaCAASFHB1Yi05MTE3MDc3NzEyMjM2NzU2GAA&sigh=FcHjqvQgjTU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNnVTyuKqNwDPF-8if3PTcWE9EYjft893hbO13kls4_HC6i_HdkqqIPo8Mq4xL5z_Z9BsYHCYUWAZGU2ERCv-0tmYUWC60I-wYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227954909023596791936%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211411535558584911649%22}&andc=true

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1&C=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUjSUrRTaaWBPXPwNrfWrAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfNCVmxhcC6JVwfu9VDm4k&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMfNCVmxhcC6JVwfu9VDm4k%26google_cver%3D1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDkyMjU5OTU5ODYxNjkyNQ%3D%3D

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF_vsGbGndnkHWWm2V6tckE&google_cver=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEAKjKy9w4RlYGpss3gWQtVo&google_cver=1

Request Chain 192

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&google_cver=1&google_push=AXcoOmRHtmcuOrYPiaQTIsS88LKGG7aUFk3woNtLRrLsNf3AGqREIxqCNVxDHoSpwdhvo2Hw-cRjQt9V18iWEuEHpzUZaBy21MlAVGij HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&google_cver=1&google_push=AXcoOmRHtmcuOrYPiaQTIsS88LKGG7aUFk3woNtLRrLsNf3AGqREIxqCNVxDHoSpwdhvo2Hw-cRjQt9V18iWEuEHpzUZaBy21MlAVGij HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDlGWGJZREYxUVpZNFA1&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&google_cver=1&google_push=AXcoOmRHtmcuOrYPiaQTIsS88LKGG7aUFk3woNtLRrLsNf3AGqREIxqCNVxDHoSpwdhvo2Hw-cRjQt9V18iWEuEHpzUZaBy21MlAVGij

Request Chain 193

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHEGFYk6uAE1HLGD-giiwFk&google_cver=1&google_push=AXcoOmRZSGFqHoWlm6NjCNtMEi2SEknQS0uTXaDkW2gBuxrRDE0OaF-6ZS7L4KjtgNw5JgcnwSdwJTZlWMYSL5w7V2zQIFGre1suwf6v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZSGFqHoWlm6NjCNtMEi2SEknQS0uTXaDkW2gBuxrRDE0OaF-6ZS7L4KjtgNw5JgcnwSdwJTZlWMYSL5w7V2zQIFGre1suwf6v&google_hm=yTSvUh4dS26yx_I_dvWY_IY

Request Chain 196

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGfGJOaqK9oZZotcf-_jHaw&google_cver=1&google_push=AXcoOmSj_tZXE2fRFWUHtg6fNzsnb-tTEHni-sCHyYQxoI1jQddkTiZy_cwDXOISPlVDYgFYbczfXaoPAu-dt3NxI-5K477mq7vowXCZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj_tZXE2fRFWUHtg6fNzsnb-tTEHni-sCHyYQxoI1jQddkTiZy_cwDXOISPlVDYgFYbczfXaoPAu-dt3NxI-5K477mq7vowXCZ&google_hm=eS1jc1JldzJCRTJwRmh5NzZFeDVRSm5NYWM4N1RpVG5wZX5B

200 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hisour.com/de/
Redirect Chain

http://www.hisour.com/
https://www.hisour.com/
https://www.hisour.com/de/

109 KB
20 KB

720ms
719ms

Document
text/html

2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5497904bfb31fc9e43d667d561313f829b8c3493b4676ce8897098be4190bdc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=172800
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 821d1a07ff851cc3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 11:47:26 GMT
expect-ct: max-age=86400, enforce
expires: Wed, 08 Nov 2023 11:47:26 GMT
link: <https://www.hisour.com/de/wp-json/>; rel="https://api.w.org/", <https://www.hisour.com/de/wp-json/wp/v2/pages/24767>; rel="alternate"; type="application/json", <https://www.hisour.com/de/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n8XPi5jpM1UXUo%2Fe2UFXnUUvAwiSchZLirKX1FzeZq04CVZ2NgKSl6mc%2B%2BGOruxqjN2RIjuueyPQCciXQq2cKF1TQvPy%2BjCLhEFJ06NSLqfUMZvtkCPtx1%2BZIdkkMA3LRFDUVYfIKkTQGNe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-ray: 821d1a058c5b1cc3-FRA
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 11:47:26 GMT
expect-ct: max-age=86400, enforce
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://www.hisour.com/de/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh%2BaWyaOFh0HZpkuOIQnRl4d1KcSpA6l3G9IAcaUQii5jV0tH%2B7FhxBqLV5hvJN7pfTPydVqH7XCGnk0cpXcX2n1FVCacKdsrxu%2FwmhbkirqSZgkkpNOVZCUE5jMJpDtop%2BExRztXXwKET89"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H3 200 style.min.css
www.hisour.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 25ms
24ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11745
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 19 Aug 2023 08:29:44 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwYU0CZtQp2YoyBRJSqV3ujuccxR%2FXVhcgQupfEzghqKqDQt3p3WRtrzZpW5srf0Nx5qLJ8NDxd%2BtOnWOgztXl5i5pUodcwvU3E%2Bo%2FMdXueAj3BA6iGOW80D6DPI%2Fx%2BfNLxBtgV67nyndT3%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0c7b8f5c50-FRA
expires: Sun, 04 Feb 2024 05:51:16 GMT

GET
H3 200 front-flex.min.css
www.hisour.com/wp-content/plugins/siteorigin-panels/css/ 1 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.27.0

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faaeeefaf71d4299bf4570493688c93be4a663d01554fcd04bd8a267bc0f825d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 05 Nov 2023 05:05:52 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trvkEVGrbw%2FhfYZ5pB9V0i1IMn59bzeX5BISFSsqKYi7ecYmkB1w2cf0lMFxWc7cvD2W%2Bdc%2FiebRcoE4c0sheTE3%2BqqlUIhLdMu4mkMKGXG7Zc%2BVtZsIJqmbvvhRHhKyRYrBkgb6BSdilvW4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0c7b925c50-FRA
expires: Sun, 04 Feb 2024 05:45:13 GMT

GET
H3 200 normalize.css
www.hisour.com/wp-content/themes/gk-portfolio/css/ 2 KB
1 KB 31ms
31ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-content/themes/gk-portfolio/css/normalize.css?ver=6.3.2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6c91573609abb8523333ce9a41198badfb4b19836a35af34212ba5c378524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11745
cf-polished: origSize=8500
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 09 Jan 2019 14:52:15 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FBNSZ0hBV2qesOfsf3w4cyNKQ14SxxlGcOz7o05LGxigN3RRsr77Ah165VNFskqtTdPCOOYHpsKnaeiMY1AYJ%2BxVolWOpQf0y95JvWEEGq%2FejrE%2FsrY%2B6sdYLw00Ma540768SjLu2Brvn74"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0c7b945c50-FRA
expires: Sun, 04 Feb 2024 05:51:16 GMT

GET
H3 200 font.awesome.css
www.hisour.com/wp-content/themes/gk-portfolio/css/ 22 KB
5 KB 24ms
24ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-content/themes/gk-portfolio/css/font.awesome.css?ver=4.0.3

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa8e929d8f6712210afc525149d48b2fd4efa5d1d3fbf15ceb4700c32df3a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: origSize=26715
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 09 Jan 2019 14:52:15 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBODYwQHQzJKKaJjW4MFYUbvFooSD%2BzpEGx4b1mTT6QeZCvW%2BpQAQWoxdGZdRJrpCyR%2Bg48miaVejFYW6iz5qx2icjGoAmOgaRIFFkTo0BYx%2F3SzNYqZM829ToYI3eQRE%2BxAvOydDeYINUxc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0cfc185c50-FRA
expires: Sun, 04 Feb 2024 02:12:57 GMT

GET
H3 200 style.css
www.hisour.com/wp-content/themes/gk-portfolio/ 43 KB
10 KB 25ms
25ms Stylesheet
text/css 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-content/themes/gk-portfolio/style.css?ver=6.3.2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dc036cd29ad156ea9052b3e4eeafc1ebb011845071d0bc7998fc376a212903e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: origSize=56741
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Fri, 05 Nov 2021 10:57:55 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MR9YlIXYFQORnGo5G3yhHRYfmaOc39aL9n1yImH8QRMMc%2BIZvb%2BzVpMrwDpKuBNasP4qm3rFQkrsHGUhCC6QBtrP2BwmzMrwjyoEOxDGXK6D1QvY0f0iaseRyPPfWElqHyYI8rUbE1M03F9w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0cfc1a5c50-FRA
expires: Sun, 04 Feb 2024 05:51:16 GMT

GET
H3 200 de.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 132 B
717 B 20ms
19ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/de.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f5a4e70b52eea759f786f00a1b90b3f5c3d815c290233b37e40f953d50fe67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 132
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsPdPbAmvBsuywujjMSV6s%2FSle3XWqcM%2FPa2fftlSYJyvttPKqbK%2FqwyslC%2B89tCDRbVuv20S5DJFBpLQwM46gDkCIUohzYntZ0%2FL8lWp%2BJtMSA1L3OFra7wuA%2F6hEHKMt339zGidoD0Qkk7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0cfc215c50-FRA
expires: Tue, 05 Nov 2024 03:23:00 GMT

GET
H3 200 gb.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 398 B
977 B 26ms
22ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/gb.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78cba0d68a87a8db2d5fd6b38d222ab74c4af7a11fe8c716dee390ec0582aecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 398
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2m7pmRyGv8dUU32YtI1eaZBf49o041uOgpj1B%2BieJEUKggcbxiTcmOIKX2VJWPJuXfdR9Mao1Gd74pYsrBci322Kyf9c%2BvjlIxwSHwFfH9YEqzduPjjgKQfpDVK4KiSH%2FxnEXsUmKP2Cnhe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c265c50-FRA
expires: Tue, 05 Nov 2024 06:27:28 GMT

GET
H3 200 es.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 202 B
785 B 33ms
29ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/es.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f0e60f0eac484185763cb71b42c3157427ed4b26aff7bc67018e5fc85ab1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 202
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytNTQR8MEX4wJsgmPQ0hPcVNEw9%2B%2FLCaaUyKBYHw0zkF%2FothsTfTWmTdsY2dEqdq1HQH6%2BtVobgeGYYaCWrkgUEXbqWgcP0f8%2Fw59jYn3ta6QBbf9yPiXQXi7lNq2OYiS0tTJZItBPXGM7iW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c275c50-FRA
expires: Tue, 05 Nov 2024 08:38:59 GMT

GET
H3 200 fr.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 149 B
734 B 23ms
20ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/fr.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7600b0f12c27ee38d18e5e84961e8c8677983ae1dab78d7f941798b0ad7b62e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 149
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwrcTmynmG5VHXL5Z3Q%2FraMLXSM5KDh4r8UFw6u0nASG8qiHO4iGPLZY69gobZ0jNkLXXr9RCbSKrSfIGf8f84Qcq%2FzaU1qGNTdbSPioxCZa%2FDqhNqbuBzP%2B5iWo9%2BsotFAKYgVXiLSXwHqX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c2c5c50-FRA
expires: Tue, 05 Nov 2024 02:20:11 GMT

GET
H3 200 it.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 147 B
731 B 27ms
25ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/it.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5319dae27a83a503b2917f911d2b32d8adebba5a26c24b90c4c15aee9da62c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 147
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRg9XxYinopHUAgnOv6Ng49HR9VsHfZhacOGPf6bGlZ0pnF%2BA%2BJyhI%2BA9cIjqouAAhvA0FQMuXuVgsYIMmvqaTApNKItKayTHBaPN4gU4bDSeYOz4pJyLgRCtTfcF7WKWBwZVWO%2F5F8q1QJ1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c2d5c50-FRA
expires: Tue, 05 Nov 2024 05:36:33 GMT

GET
H3 200 pt.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 311 B
893 B 26ms
24ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/pt.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8afa801080bab1b3ae3c19757251ab57cad9a0634e7a6db6d285a99b0777df45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 311
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WrYMzkznVMmShq1D26Q3Ep8JwtKo5gcYSog2RkRZ8KvF9OmJKaa%2B8Yt4GHujNVle3a91n%2FvRsc8vUuvI4gNtvDS2CybRCx38EQJcbMkFzQv6u%2FZvjLrBfDD%2FVJGWL8BpxgUN9JQ6gklGw0X"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c2e5c50-FRA
expires: Tue, 05 Nov 2024 06:20:00 GMT

GET
H3 200 ru.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 123 B
704 B 25ms
23ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ru.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80cf07a16232db71901a60aee87bd82a695eb5f55b139806c55b712c3ed4a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 123
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BamVZAXMA%2FIFYJxZjIJADT2q5lj3z9bUVvWtuqTlXBhGGTcLNE9bVPAb8AmAuArBAHrePJQihDeMRcXuBqsBPPlpTFANrUnKnpw1u47kHsF4IMAKKFUJ6Gh6Q%2Byi3qZKLM1Lee48b5Zn%2FfK8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c2f5c50-FRA
expires: Tue, 05 Nov 2024 06:27:28 GMT

GET
H3 200 cn.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 186 B
768 B 27ms
24ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/cn.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74458416cb45a2fa485021ca3e505eb8b3d7bda4cf1ec845cd73dacd499d3b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 186
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thcyElKYyYhLCLAcgJj%2FmqRb%2FKSK32bBThAeuxq6L0gOx5pLlVWw9JhRQ9Ad51nEByyVvwGuhcftC8%2Bvieud37FR7S1EhrzoNEAq3pZwE4LVulxo0mKqY3s5yIwWWp2%2Fa4X7QjA8xBEw0SDZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c305c50-FRA
expires: Tue, 05 Nov 2024 03:22:59 GMT

GET
H3 200 jp.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 171 B
755 B 29ms
26ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/jp.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a1cded4551f3d929547bd98957e3831aa55ce6c996cd0809e9efecee5551c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 171
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq4kdCmww58ZDFfzMCP8MX7o7aPUgOhERkMy9mStn8iw7u%2BDmFnffHZiwd6qZRlehnMngRgkrfYWQ4j9GOrg5t8pia4wXbsFhfC7cZ4PpcQI%2BaStdnck8%2Bj1bFf63r0r2AEk%2FXBir3WxV8j%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c335c50-FRA
expires: Tue, 05 Nov 2024 05:36:33 GMT

GET
H3 200 kr.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 322 B
905 B 27ms
24ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/kr.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a97b2700a6130627b841ee072c236c66203dfaf843fe39fce0c4a1a934937f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 322
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FursQwGQvjWU24Fv58ZPUh763494RVwu3sIUiwRe88qHrujLL7VWB6chp7DdzTu3prR%2FFhJ3kwLjVlR9g84PwwS85fu0A8pMYZwW%2FVzKT2UyxxW5eJbavkdH4rBzKg3o36K%2FhP3PB5FjmAIz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c365c50-FRA
expires: Tue, 05 Nov 2024 05:36:33 GMT

GET
H3 200 arle.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 268 B
851 B 43ms
39ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/arle.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc27a90f76f4d4c938c4350480c63594cff8ee97e1c1c6c2e41310f8fd58a182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 268
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrxU%2B8Ogtn06J2gchgEMGemVIavCVdU8e8MkpvA1Z48tUxpQyN2VmorRps0PKazeC5k8SXqrSiYNx9C%2BCdLGCjqvBFsIJ5eI7EhM0NU%2FrwjTAS5j9aC%2Fjg2O%2BV9FPihYUAlJsCc3GLkbYTgD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c3a5c50-FRA
expires: Tue, 05 Nov 2024 05:53:41 GMT

GET
H3 200 in.png
www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/ 197 B
778 B 27ms
24ms Image
image/png 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/plugins/qtranslate-xt-3.13.0/flags/in.png

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

254c7fa50c03107d5c23a44e09b486e7e10e5fffc12861c747789574eee567f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 197
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 25 Mar 2023 09:34:37 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxAiR8Cwtj6zG0aMdVA0vn1zgPXHpsw07%2BepyQAZencAUGjLJrJiRZPapnTB9OZzoLJWZnCWvX%2FHppXsyF34aj0QryxJkZuVUAtcSR9wv0Uo3YW9i182QB3SeZmv1WxdDS3KuIa%2FJP536jZ0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c3c5c50-FRA
expires: Tue, 05 Nov 2024 08:06:15 GMT

GET
H2 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/02/Land-art.jpg/ 137 KB
137 KB 123ms
95ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/02/Land-art.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d02aa22bd03377d2c668f127b8be3f1820a6eb8fe5cfaff6177d77dcddc1fc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=26+482 c=0+0 v=2023.9.8 l=140062
date: Mon, 06 Nov 2023 11:47:26 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 140062
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfcPGhzh_hoPiQBkuC_-6hpyVnHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0ES5tWVR%2BQSrFwli04jgHLcGFiMq1Dnm8TmUxxk%2BJpsCHde87McOtTxLNfUxFh7M39Uqpvq10wVNy%2BibSps6jebZU0qw8HNCnpm%2FoXwLPx%2FPQfQZbxmaTIsxqYP9uFEdNO%2B1zK7Wg0sI4ic"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0d2f141cc3-FRA

GET
H2 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2021/03/Review-of-Hong-Kong-Entertainment-Expo-2013-China.jpg/ 62 KB
62 KB 145ms
117ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2021/03/Review-of-Hong-Kong-Entertainment-Expo-2013-China.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8826baf0a0edb248cb1473ea888916cf5d3180eaad9b2b951db45f1c97d3a1dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1586+73 c=3+427 v=2023.9.8 l=63219
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 63219
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfH0JRCK0ypdfGQt_4hwzqsnchHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YspKDobmMk8KGEbf0%2FwCLgcKNPpt7LqYvzxcW2GY2V2QMW0y%2FbTyi19O8jcF71Dihz%2Bjwgtp4Y9ouRsK7qj%2FjJYkrUG%2Bv4ZS%2FcjFSLqV5CT2Bvez1VGpfronFlHQgkVVD34R37std2xrbpGy"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0d2f171cc3-FRA

GET
H3 200 1600%E2%80%931650-in-Western-European-fashion.jpg
www.hisour.com/wp-content/uploads/2018/06/ 142 KB
143 KB 46ms
42ms Image
image/jpeg 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hisour.com/wp-content/uploads/2018/06/1600%E2%80%931650-in-Western-European-fashion.jpg

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a30cb09f2bf010912cfa0e54ad47c55625240555e8b0044c84564d37c942675d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: degrade=85, origSize=201386, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 145910
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
last-modified: Sun, 03 Jun 2018 19:09:09 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJg8BpvdyLS%2Fqra9quBsesNFRTloV637UAVjhchqWhO9YBwY6SORTrpRg7oa6blh1%2BzVqoofYnWDetzZNmXKesycygiiLdKz2MVXzpg4PjqIrlLaYFcBZaf3uvWFdsLLxluE8tNbvYl1Wl0d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d0c3f5c50-FRA
expires: Tue, 05 Nov 2024 11:47:18 GMT

GET
H2 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/05/Architecture-of-Azerbaijan.jpg/ 114 KB
115 KB 1757ms
1728ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/05/Architecture-of-Azerbaijan.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88e963204c9a9c5bb9af3ab198d2ed386e20fd1ea8e9dd796517876a5e32c0c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1480+131 c=0+0 v=2023.9.8 l=116826
date: Mon, 06 Nov 2023 11:47:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 116826
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfV9WMrahHRJnvCHWpy_Kd8H7hHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcRAXPiGi1ySuOR6M2bbY2NvGJjKo23MzJt0X2eHv1jrFZpj%2FlSFe7D%2Bttvd8BuhNlAJtSACg7GfXbR0nNT%2BnJ27GhP1udNcz5AxtJtvQlWWl7IlrN9jhOhfxPcUhUL8%2FEJgb0aD7gPtYSTy"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0d2f1a1cc3-FRA

GET
H2 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2019/04/Winter-Palace-of-Prince-Eugene-Belvedere.jpg/ 138 KB
139 KB 155ms
127ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2019/04/Winter-Palace-of-Prince-Eugene-Belvedere.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e360a5f70f12b14412dfdb55c10519a767cd4bac66d826e7210ab93f0ae5883

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=19+80 c=5+393 v=2023.9.8 l=141104
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 141104
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfjY0sErBAcw0fDt6eyssiIoOpHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZZ3Fc6pAP0BEP8nbq64lev4GENFh3nQT1yFwY24Rm0JjJeXrU0aPEMPxvKr8q%2BVitTCGX3frohNiKYyBG0vFrDDRUmZDjzDADGfRhmS1A4%2B%2FmA5jGFKipSYv2Qm3J4a3jRSSf0jjsmtObdY"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0d2f0c1cc3-FRA

GET
H2 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/06/Architecture-in-early-modern-Scotland.jpg/ 95 KB
96 KB 143ms
115ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/06/Architecture-in-early-modern-Scotland.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

855c23e1b8239c7413fee2e2dfa38086b30690049e9c06cf2456241e72f93f52

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1461+148 c=0+0 v=2023.9.8 l=97369
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 97369
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfLEXoNFDNQFaM0pSsPV2nC5dcHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtEvEx4f2MijsejKY0%2Bp%2FPRkxhALMD2KFMODCn4Ai0UOF1kSiQBDJSnNFI%2BisKIHYv24XgdYT67YHn%2FTLiDgCGFVIPsC49sP5YQv9E%2F%2B9m%2BErN%2BSqohCNTL01cv7qh4laF1BJLkSlWy2BcM4"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0d2f111cc3-FRA

GET
H2 200 w=955
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/06/George-Elbert-Burr.jpg/ 86 KB
87 KB 1727ms
1699ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/06/George-Elbert-Burr.jpg/w=955

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c09c268fe502e6f49cac76a39cb8d554b40ef5a7ae4dd021248ca370d97e054b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=621+464 c=4+489 v=2023.9.8 l=88295
date: Mon, 06 Nov 2023 11:47:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 88295
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfRq9apL2Elbc1WATNYfbMfrEGy8Z14K4O1mGfmzSVDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MFkTGczSlF9NtiYrWRXohpA%2F1GlRHuGxI0oLdJFFGPZ3C9DQiAwW5OQSqDiAZwaLytZ%2FfsQdZqcIBUuRNcVKtTuK0%2BrGjJlSNWYfQiTFtNyQ3XRjZ54VVTTrOkUliC3znCSENOurE5AEPk0"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0d2f131cc3-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/09/Solar-vehicle.jpg/ 92 KB
93 KB 97ms
96ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/09/Solar-vehicle.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a428141a428fa50ce0d42de8208307d1489385b993591adf600851a0058b0da7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=17+148 c=0+0 v=2023.9.8 l=94695
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 94695
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfqXktuX96TlZF2LcKiUIGMn_YHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGN0Q3bFF2bdeH9RyFCiq7Z7cIjQJfckGuvTEO0pK6815oPDJHmlp5dJUngILXHcz7L6eCS6NCY9gh3zWuJ8w30tfrTEGfNCDCHtBk6lRNYpU5pmIJ8pfbZMwHjxHUTu1SwtZGLEyCT9trsW"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddd9b5c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Azerbaijanis.jpg/ 159 KB
159 KB 102ms
101ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Azerbaijanis.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac62ecc4e8c94018c3b75bfec4ba75aff220dd7b1fdeac39bdf061bae14313d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=41+139 c=5+526 v=2023.9.8 l=162549
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 162549
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfvMQBLaEsP3vg2Vq8VhO-e6VTHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIqvyY3yeLKpb1GKNAgnXoHuuuY73iDf9PgSGL7Cvi75QIpZZ8j5VOywG2rchHh%2FPtWrmZt5LsJLDiK7l8OLaKTHUqM2KHvI1yGz9HEB7el%2F6K9%2FF2fGlLzi6C9HaLcvbTARqgtGIuTJhuiv"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddd9f5c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/03/Thermochromism.jpg/ 15 KB
16 KB 107ms
106ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/03/Thermochromism.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca63f761f1ebcd4720943bafde105a2785570e94dfb29b1497970252be51b9ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1450+110 c=0+0 v=2023.9.8 l=15836
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15836
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfrvys5JJhCMQ6zTfWh4JrSChyHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMG4nxQwKFKR%2F2adeurAb8dVkI93woHRwEclsUWNGWQdlQUJNRtmSvQdaOBDcmOAxQKXpDiDhdS%2B%2BH2DsUhoHxe3THkldQlEelCQG6fP4gJT84PfBLWB9H1LmLci18vdD60%2FJogqfzntfLxe"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddda15c50-FRA

GET
H3 200 w=1021
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/03/Museo-Nazionale-DellAutomobile.jpg/ 53 KB
54 KB 100ms
99ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/03/Museo-Nazionale-DellAutomobile.jpg/w=1021

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f205a2d1143f39e7e649fccac0d7c382337ee7ae51a08217919df49c73df42f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=20+273 c=0+0 v=2023.9.8 l=54415
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 54415
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfi2TC12Awti8P1JQVo2VHOMvs0YjXokj-ShP1sXjvDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twXWbCipHkja5tP9QDE%2FVnUME6YCUak96oAZue4z6uVFsx%2Fdqpuyk%2B%2F1MkHPAqbNOO7YCQJNf6X6AfQKx4GKgThoOAE64FMprqZbqXXZ7zb%2FPthldU0bI0uCozYZsmswDCDHuNvrolMK3lBf"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddda35c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/02/Hague-School-1.jpg/ 152 KB
153 KB 117ms
116ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/02/Hague-School-1.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

363605aea40f3c417bdfa9b4e42fe8716459aef61dcbd89b1c9899715ced353a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=928+111 c=6+564 v=2023.9.8 l=156013
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 156013
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfZ0G1rSfuDLYfikwuLMb738B7HnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBvRBbD96Bh4tpold1gSCtvuZwe2ayazpWo6uknGXueXRBEmTpSZDmYDFXil3zSjswmE9rCCro5Fj%2FZW1VIx7MX4ExAu8TNEOaIlbejjh7nevcVWA3OhpOA1GKSMwGzvl%2BJEWHcdJEndZ%2Bx%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddda45c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/06/Architecture-in-Malm%C3%B6.jpg/ 87 KB
87 KB 120ms
119ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/06/Architecture-in-Malm%C3%B6.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c1dbd9fdf4db5c620640239e8cfd67c6792a2bcb15fb1500906ec89284b1d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=790+191 c=0+0 v=2023.9.8 l=88864
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 88864
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfzq1oplY1ZqwO2lsZYh6WDpKzHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VNIMHZVpbmINAbALrX648RtY3NThINqYX42GlDomIvtzCHmc610RsQVxMQ1bKIYyvab4O5Oxa871QjHnEHZq4gb3sPcBDkBJPY%2B8U5zP%2BJHN8QHTeP1v6urRbRlao7AjMSQldsF0P9931To"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddda65c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2019/04/Eastern-rooms-Bagatti-Valsecchi-Museum.jpg/ 88 KB
89 KB 637ms
636ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2019/04/Eastern-rooms-Bagatti-Valsecchi-Museum.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3fa9ce3de18ec1216ec54e4573eafab6d07a5303b0f98e7549956db737ae1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=16+89 c=4+435 v=2023.9.8 l=90537
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 90537
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfRF0tGcGRxft31s48V-J2mY6kHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbIXJuV8eDWsF3VWPshNv3KQnASPCz6OteuQWv1tsmwKqLKpB1fFKrnPdmPs1xG3lRjFYe92fOCa3fWYxRaNafJ4%2BcSPAvxmmjTZUYpjvOXTGFfN8ao%2Fk4zZdNUW3vHVLKtFsUYYJ4sXdol%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddda85c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Sugar-industry-of-the-Philippines.jpg/ 97 KB
98 KB 93ms
92ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Sugar-industry-of-the-Philippines.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

314abf25f933e6804ffc5bc9c26d259c89bc4c0e756ac427ca620f0897e685c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=859+142 c=0+0 v=2023.9.8 l=99784
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 99784
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cftiKQycaxfhtHiHsftcKn2bZzHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUJ9V33P%2FGVVPnA6Oo7fLvzmLSrpSwQthSKHQKY6SrveKSuOpFjinV4sxIiXivTnG6ZWg8hTr%2B4IEYpGW4tA%2FXsD4jdVvO5QlZ72CZWrrvnAriUQARMtmiGDcK81iIaD%2BNeLmDlm1tKt1B%2Bq"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0ddda95c50-FRA

GET
H3 200 w=640
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/09/Environment-Poster-Women-Archives-by-Zubaan.jpg/ 61 KB
61 KB 112ms
111ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/09/Environment-Poster-Women-Archives-by-Zubaan.jpg/w=640

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5cb8150c0a4f297e5a53a820b83f8b65277a9f872c30d9c823bbeb6ddf644ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=18+157 c=0+0 v=2023.9.8 l=62240
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 62240
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfRo57dGIPam5hig2qHa4bUj5caZL4PCV_btXSUQZRDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYzN16H7BlBlplbMTpqmvv2q3tPq7EPWGAOZt0HHlnRrKT8jkUc8ZEJPeMN%2FSIBfe5v%2BTRRajucgWS8dlwzkiP4nAnjyjCEO4tgdxjspywN6MIO3yX9eGEEfNqCIFoaRaisJhS8rPUAQevo7"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddab5c50-FRA

GET
H3 200 w=1200
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2022/09/Look-back-of-Red-Bull-X-Alps-paragliding-competition.jpeg/ 127 KB
128 KB 87ms
86ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2022/09/Look-back-of-Red-Bull-X-Alps-paragliding-competition.jpeg/w=1200

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e00d7104cd10f71aee152a4cc66d07bd97d93f460016ce7443738f6d74072dd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=48+373 c=5+433 v=2023.9.8 l=130474
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 130474
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfGCfuzM6AalfmOC1_Ey-OY5w-6Jj25MTnwOMOzxp7DQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv61TxVAbkpecqwLitsjkGiYrGUeVpt7cIzV8zjoHfd1lbCO4w%2B5m0ZDaFMxgtctKsIZkYxhPvNP0FzCinYxOJ36s2LFV%2F9ivCen2SumGpwNA%2B462yGxzNvilHlFry4Cbo%2FLWa8ePo8RdEIV"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddad5c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/History-of-airline.jpg/ 42 KB
43 KB 108ms
107ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/History-of-airline.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5644e0a0323037631f8f5deef65893d9b6d2e9f48c6c38893359b9df827151

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=18+385 c=0+0 v=2023.9.8 l=43279
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43279
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfaJp3JhevuWSbI2_KhLTCznzSHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHDJT%2B%2BLxgSWZf6OV5ziK6U%2B%2B4nmjfz0rMGWJwVcZOtJQQbpOupYloObnMBlkhdZSQ3IV5Cuigt5HYrepgivSL1zzWikY73QkoXlLQYVF9AxqDiSSA0rgoGulViEx6ZKz7q0ydgnqLglAq4E"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddaf5c50-FRA

GET
H3 200 w=1200
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2022/03/Review-of-the-Grand-Sapin-and-the-Christmas-Windows-of-Galeries-Lafayette-Haussmann-2020-2021-Paris-France.jpg/ 152 KB
153 KB 109ms
108ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2022/03/Review-of-the-Grand-Sapin-and-the-Christmas-Windows-of-Galeries-Lafayette-Haussmann-2020-2021-Paris-France.jpg/w=1200

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1332f8ba79adf043af79c8fe59c3428b23ba671619b3f6e8725427faf69d7734

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=25+143 c=0+0 v=2023.9.8 l=155916
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 155916
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSGURn26YN_zVwyYkK21ddbbT6Jj25MTnwOMOzxp7DQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUVkJQ8IWlUJQGwKEioEoEsH7AHXHgbqh6ybH6OhscysyYKFFQp1e4ZzsZKIcAn0n5N0%2BLdk733PNwrc6X3y8RWHkD%2BNd8bz0%2Bd1Fy5nEmxVgWYg8qL9zOyFAaKvze1CRoEG3JY%2F4BX3zcB7"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddb35c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/04/Empire-style.jpg/ 194 KB
194 KB 110ms
109ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/04/Empire-style.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7d974faaacf1ce3461526535a8b1d3ffe59d69d928f9b6477f5cc5d5c24d66

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=26+98 c=5+505 v=2023.9.8 l=198354
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 198354
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfZlTBwyws1aRbdwdMEsC3fyiqHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZSKMEfPzR%2FtKtxGEsiRJtMmxyDJlZAAxpWIUKL3aZ8B33%2BhYYT8FYXAnvea7NLKAT78B2KJ9s5IvUDKWDcoKbypcIZSz%2Bl8mLmOkoXe1u6HJS3GTe%2BqKbIfkgz7n47sOwyN%2FvY7MgSS9vHf"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddb75c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Aviation-Technology-in-World-War-I.jpg/ 140 KB
141 KB 115ms
114ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Aviation-Technology-in-World-War-I.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e698a95c8f484d7a039c4911762cdafd2836297d724c291c8d9f1e7a5ba570ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=5764+251 c=0+0 v=2023.9.8 l=143696
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 143696
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfDy2HisgurYYZHFYMRClALZiqHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRWf34iyAmPrPKxlvgQf7FfzAVUnVXBd9aP18x8d8FK5j7NdVfPY4blfMk%2BO%2BDHHN10FQuuJQEnJ9Li%2FsyHSWBvUu8YbXMG81LSR94Qc8GHAjm1eCVqqEE2A3CL6Ekpvv8q8rdyHfwarZ2Zs"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddb95c50-FRA

GET
H3 200 w=959
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/09/Scratch-Paper-Speleology-at-the-9eme-Concept.jpg/ 161 KB
161 KB 447ms
446ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/09/Scratch-Paper-Speleology-at-the-9eme-Concept.jpg/w=959

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1ac8e4c6f4896550f0d43c35b9d8019b7854ef4e337cf506fb506171ffc7d68

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=17+327 c=0+0 v=2023.9.8 l=164509
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 164509
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfRG2pR6zqoUQIjo7b3a09fim8JPZ5q0j1BQ4sv9owDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FeH2i7qESdWFQIFLGmnXIvzIBKN7JF1yfHak4Vk3yLUF4PzyENDeAWQUolPV6SJrw4YaN9MtAeUT96gPk03E6pm6DQF%2BLc258KxvHUDhHt3hs98l8dceSCoqNw2I5AvX54uTbZprbNXIQkF"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddba5c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/11/Islamic-geometric-patterns.jpg/ 204 KB
204 KB 122ms
121ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2017/11/Islamic-geometric-patterns.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b50de94ad78217d38910399b08162ee055daa1da04067f55a0f7ad88fd864e73

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=257+217 c=0+0 v=2023.9.8 l=208608
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 208608
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf_hH9SzfVUHMANk5cV-wdW9xvHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dey8C5N%2Ba%2FObRClAYkxZ%2Bd8X5QzRqi6UzScunK9SPoNJBOeI%2F8wE95EQC2tMvrsoJqWVatU4cd5TeHP5bBXPMZmPv4ngXLoBnJv67IZU8u2WzpIx9%2BtLx%2FBOWkVPLVsk%2FTfJUhCsLm11mYCM"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddbc5c50-FRA

GET
H3 200 w=960
cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Call-center-industry-in-the-Philippines.jpg/ 37 KB
38 KB 389ms
387ms Image
image/avif 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hisour.com/cdn-cgi/imagedelivery/PJiouRWxFR9baI5eaOAFCA/www.hisour.com/2018/08/Call-center-industry-in-the-Philippines.jpg/w=960

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e5aafa9413c826ddcd03d1e36a6346ef1f4589780fa9a22344c8b7a34a2b2a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=17+273 c=0+0 v=2023.9.8 l=38178
date: Mon, 06 Nov 2023 11:47:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 38178
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf7rsE8l-STn5jdhAXo92hvWfwHnO8OAwleghwGR7mDQ"
expect-ct: max-age=86400, enforce
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unlCdCVtrj0ZTgfihBh%2BLqcQwA1bG48aqFfqgsb4RPotSeSSdEywH4E1K82nVkWtL9K103S8dTBKdndu0gEnah0xvhz1geizwIhaAExFLdEO4c0zKgqGST77pc6K9gToZjVb4N7ejJDCykV2"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 821d1a0dddc05c50-FRA

GET
H3 200 rocket-loader.min.js Show response
www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653bc982-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktYkzDKHwA78zfjy3mTDxLbpAPXroF9U3wJNGlRhoqkvEjztS6QgZvuOVD8uXBLBzoZSOswg9LuF6MKTrutq008lYvCPinjbVZkMj0louogX85oFpD6cPr4HcQJmbR7BUqlJgx1KxW1O%2FzmS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 821d1a0d2c625c50-FRA
expires: Wed, 08 Nov 2023 11:47:26 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 100ms
82ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.hisour.com
URL: https://www.hisour.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin: https://www.hisour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 821d1a0d4d302c2d-FRA

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
www.hisour.com/fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 53ms
52ms Font
font/woff2 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hisour.com/de/
Origin: https://www.hisour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4527435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18664
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 821d1a0d3c835c50-FRA
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:21:23 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
www.hisour.com/fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 38ms
38ms Font
font/woff2 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hisour.com/de/
Origin: https://www.hisour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4527435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18232
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 14 Sep 2023 01:07:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 821d1a0d3c935c50-FRA
timing-allow-origin: *
expires: Fri, 13 Sep 2024 22:30:53 GMT

GET
H3 200 fontawesome-webfont.woff
www.hisour.com/wp-content/themes/gk-portfolio/fonts/font-awesome/ 64 KB
64 KB 33ms
32ms Font
application/x-font-woff 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-content/themes/gk-portfolio/fonts/font-awesome/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/wp-content/themes/gk-portfolio/css/font.awesome.css?ver=4.0.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hisour.com/wp-content/themes/gk-portfolio/css/font.awesome.css?ver=4.0.3
Origin: https://www.hisour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7005
alt-svc: h3=":443"; ma=86400
content-length: 65452
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 09 Jan 2019 14:52:15 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLLVsvaNwKZyoX18%2BBss%2BsvWnwAvNHHotQcWSRBrwWUuYuB%2BJX%2FkrndNiE%2BjmRBU5pNDQNc3KyPYV6R3gJ53Nl6SPo4%2FChR8KYQb6y15iEtjtRseAsdl4mdpecDYMbv6DUTSM3peDO%2BwmUdH"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 821d1a0d3c985c50-FRA
expires: Tue, 05 Nov 2024 06:27:07 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
www.hisour.com/fonts.gstatic.com/s/opensans/v36/ 11 KB
11 KB 35ms
35ms Font
font/woff2 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hisour.com/de/
Origin: https://www.hisour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 374964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11084
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 14 Sep 2023 00:41:45 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="apps-themes"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 821d1a0d4ca25c50-FRA
timing-allow-origin: *
expires: Fri, 13 Sep 2024 20:20:28 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
www.hisour.com/fonts.gstatic.com/s/opensans/v36/ 15 KB
15 KB 41ms
41ms Font
font/woff2 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

439db95fd72eacf019f9a0cd934c5cd77866206f7e50ed358b3322a0260d96a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hisour.com/de/
Origin: https://www.hisour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4474054
alt-svc: h3=":443"; ma=86400
content-length: 15296
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 14 Sep 2023 00:03:23 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4X3QzuaR%2FiPMZbuuTzbnUmocOPQeFgg3VADQiiqzpO0Y1954gKzn2e0%2Fg3cmZTMyhpgUZH0gGRrFTff4HGPq8n%2FsuQXcBJTBbFAG5wGye3z1H69BeKz16jJ4JvckZPd%2BzcIJz4rwRIdvgtDs"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=28800
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 821d1a0d4cb45c50-FRA

GET
H3 200 jquery.fitvids.js Show response
www.hisour.com/wp-content/themes/gk-portfolio/js/ 2 KB
1 KB 28ms
27ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-content/themes/gk-portfolio/js/jquery.fitvids.js?ver=6.3.2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca4f29bb6efa578deb6693734c0a2c061b2211f023d146f486238fafe8a58108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: origSize=2781
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 09 Jan 2019 14:52:15 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3B%2Fe7YZAfWL8Dr3HL%2B9qDuKR3E8hJtdnl70ogZJ4aUVbJ4wT6XnjjOsDpwBjr14NVx2J4XeI8XKjXr12eodJwxTORrN5QUv%2B0KDONn4omXg7q6eNWrpB7F%2FmGQvdpZCHi8uK6EVHjQfiF6K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0d5cef5c50-FRA
expires: Sun, 04 Feb 2024 05:47:28 GMT

GET
H3 200 functions.js Show response
www.hisour.com/wp-content/themes/gk-portfolio/js/ 4 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-content/themes/gk-portfolio/js/functions.js?ver=6.3.2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544d80cacea9632d00244110759db1c0c03bb098b30b0430be1173b94bc200fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
cf-polished: origSize=6250
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 09 Jan 2019 14:52:15 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mi%2Fg9kxP%2B04%2FkOwafjqEFKN%2BVN%2B428F3F%2Bl9BPP0x3ZkAgy%2FBsSGMfbJbMUqCduQaOTx9DpIyXk0yBMtrnhDncvFlZsiNGOHOWItm76me906TIfDRv%2Fy27xfN%2Bp6tezafYTk5qdNP2M5IDqy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0d5cf55c50-FRA
expires: Sun, 04 Feb 2024 05:45:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 94ms
71ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62e858b16bd3efd00215023e3eb70f250ab4bed874c645f03cc65026d1f1e40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51881
x-xss-protection: 0
server: cafe
etag: 15413644188303396453
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 85ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9117077712236756&host=ca-host-pub-2644536267352236

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

611a26873d7f9c2d0376a4a1032aff66fda09cd110ab128e7472ac7d877ae258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.hisour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51905
x-xss-protection: 0
server: cafe
etag: 15073312769860895628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91765513-1

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a958533d964442936123c47f5632497839769cbe175a6c69b7b13d8842104a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64923
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Nov 2023 11:47:26 GMT

GET
H3 200 jquery-migrate.min.js Show response
www.hisour.com/wp-includes/js/jquery/ 13 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 19 Aug 2023 08:29:44 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CSPZ%2Fy%2BGh3KgVA8XTxynj%2FC%2BdRiqlP1cdAg5Y%2BV4oTD1PxrgMFMPY7TFDP%2FJDAEcAI8YvpVuzu23U77owLrrhVKGy8%2BLNLtxNEBKocRcqoZPXFtawJj%2BOsZjxp%2BoZfsZ0PYhle%2BpOWk7t7U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0d5cfa5c50-FRA
expires: Sun, 04 Feb 2024 02:02:11 GMT

GET
H3 200 jquery.min.js Show response
www.hisour.com/wp-includes/js/jquery/ 85 KB
31 KB 32ms
32ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11307
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 19 Aug 2023 08:29:44 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ppo3%2FyomwKY%2BWxpk3xgy%2BsGCCMrjElxqBYugGZ6FERymN50RvFu8wfZ1fftIyaVwnQHOCDvAtBdzRX%2FFbPgvE5Lzldpheoj2QrXXrlnhZ%2B0S%2BE1N0OcYv8G7qKjpqpNdQeIu8PKkjDdpBT7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a0d5cfd5c50-FRA
expires: Sun, 04 Feb 2024 01:57:38 GMT

GET
BLOB 200
OK f34ae309-417f-4a47-8fc5-845c6f288d3e
https://www.hisour.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hisour.com/f34ae309-417f-4a47-8fc5-845c6f288d3e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee7b9a2ab9a6f021e6edf72b4773551de5b0042b88fb23e1be8a1b7cccd5d441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52130
x-xss-protection: 0
server: cafe
etag: 6285533341987545220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
135 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9117077712236756&plah=www.hisour.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9117077712236756&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cc64aae2364f1ba696128e5612af020bf7b193c2438f55c08837012a2e52350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138244
x-xss-protection: 0
server: cafe
etag: 2280804378724712531
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 299C 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9117077712236756&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 14:27:09 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 14:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 59ms
13ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91765513-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 09:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7066
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 06 Nov 2023 11:49:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-5DDCG3V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91765513-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd0b106f55a382ef08c1a8f6f4532cec76a81ce1ab690c5a31ee5b1070c995e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 11:47:28 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.hisour.com/wp-includes/js/ 18 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hisour.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11309
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 11 Apr 2023 08:19:47 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPidaTrSCtgFkk9RTVUHw5SihmVk3EaN%2F8YuWcPxG9cZIULJXZhCOrjgQEIV7tBOgW9zrFUmYfdpohZ0YU3raLNc9vm9ezYIMYDVPia2pww%2FbIQSZB0dn5Oh8GJ288SvKznHwCiU2%2FoYLDP%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=7776000
cf-ray: 821d1a186a4e5c50-FRA
expires: Sun, 04 Feb 2024 06:42:53 GMT

POST
H3 204 rum Show response
www.hisour.com/cdn-cgi/ 0
140 B 11ms
11ms XHR
text/plain 2606:4700:3108::ac42:2909
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hisour.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2909 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.hisour.com/de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json

Response headers

date: Mon, 06 Nov 2023 11:47:28 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.hisour.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 821d1a187a5d5c50-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FV4EM50KJW&gtm=45Pe3b11v9116216481&_p=1699271248650&_gaz=1&gcd=11l1l1l1l1&gdid=dZTNiMT&cid=573301231.1699271249&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699271248&sct=1&seg=0&dl=https%3A%2F%2Fwww.hisour.com%2Fde%2F&dt=HiSoUR%20Kunst%20Kultur%20Ausstellung%20%E2%80%93%20Virtuelle%20Tour%2C%20Kunstausstellung%2C%20Entdeckungsgeschichte%2C%20Global%20Cultural%20Online.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3153
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-5DDCG3V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hisour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 53ms
17ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FV4EM50KJW&cid=573301231.1699271249&gtm=45Pe3b11v9116216481&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-5DDCG3V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hisour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 57ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FV4EM50KJW&cid=573301231.1699271249&gtm=45Pe3b11v9116216481&aip=1&z=271896539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1699579485&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hisour.com%2Fde%2F&ul=en-us&de=UTF-8&dt=HiSoUR%20Kunst%20Kultur%20Ausstellung%20%E2%80%93%20Virtuelle%20Tour%2C%20Kunstausstellung%2C%20Entdeckungsgeschichte%2C%20Global%20Cultural%20Online.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=2011336081&gjid=1241255094&cid=573301231.1699271249&tid=UA-91765513-1&_gid=1352483069.1699271249&_r=1&gtm=457e3b11&gcd=11l1l1l1l1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1177421487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hisour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 38ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hisour.com&callback=_gfp_s_&client=ca-pub-9117077712236756

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9117077712236756&plah=www.hisour.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dc36589cbbc4f7c633dc5d9c87c959c8c46f54f95711d93eb0795d8a9ab37c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16E4 595 KB
107 KB 1208ms
1207ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&adk=1812271804&adf=3025194257&lmt=1699271248&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271248669&bpp=3&bdt=1878&idt=170&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8049627207339&frm=20&pv=2&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=198

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83ffed47970b9fbdd921d33175927e9d12d3f8a1204d99396dc783aac1fc3e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 109254
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:30 GMT
expires: Mon, 06 Nov 2023 11:47:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
55ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2310b9b92cc257637ae2fff98956e17ec5900b37621e5f206b71ccccb377af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12246
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB25 163 KB
45 KB 545ms
545ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=200&slotname=5463832523&adk=2637018234&adf=1111442253&pi=t.ma~as.5463832523&w=1200&fwrn=4&lmt=1699271248&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271248672&bpp=1&bdt=1882&idt=203&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3N6NuTgBfH&p=https%3A//www.hisour.com&dtd=208

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02f06bf780cba89e2c02a577c066962825a23f6d05b0ff22ea98ca3f72c3153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:29 GMT
expires: Mon, 06 Nov 2023 11:47:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
74ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 11:47:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93E3 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:45:45 GMT
expires: Tue, 05 Nov 2024 11:45:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A25E 829 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95c95cdac1b6a25cca521cd75f40cc0c3f8fd513ae8200a6ca20668c3ae9a480

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PZgy8TwVR12c9UkycCKcTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PZgy8TwVR12c9UkycCKcTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:29 GMT
expires: Mon, 06 Nov 2023 11:47:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 93E3 38 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 10:25:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A25E 0
0 43ms
40ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=1002118846463461&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93E3 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HL4DqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame EB25 2 KB
975 B 61ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=200&slotname=5463832523&adk=2637018234&adf=1111442253&pi=t.ma~as.5463832523&w=1200&fwrn=4&lmt=1699271248&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271248672&bpp=1&bdt=1882&idt=203&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3N6NuTgBfH&p=https%3A//www.hisour.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 11:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 11:34:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 11:47:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame EB25 2 KB
825 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame EB25 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 09:14:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame EB25 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:25:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame EB25 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:27:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB25 189 KB
60 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:29 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame EB25 36 KB
15 KB 38ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame EB25 14 KB
14 KB 45ms
9ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR5dZgxJ7Gd_yXb34L1UdQ27Fhauppk7bjU-LjmhIygOfPIgZP1F0IHtrAh7w&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f918e479d2fa725ae3b5b278363ad28e31c811573c4d7744f7628fbec56d51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 23:55:08 GMT
x-content-type-options: nosniff
age: 215541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14395
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 06:46:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 02 Nov 2024 23:55:08 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame EB25 13 KB
13 KB 39ms
9ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRM-A6aeze8uyFG0FQwg-kHp-aEgCM5U-ryfzZLRCOhGioF3CwvKOeDoWrWeA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ba808bca2eafa660111346057a7463275682210957ae36bba116c3a032d9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 08:29:28 GMT
x-content-type-options: nosniff
age: 271081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12902
x-xss-protection: 0
last-modified: Thu, 30 May 2024 05:48:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 02 Nov 2024 08:29:28 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame EB25 16 KB
17 KB 43ms
8ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRHDJwM70VyIYbkPuZX9ATfl0TuoX7jyQDOjtlhxzRQVDRXd5eYv6yo6YucQQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab37b8511813ad673f9e55e276b7a99cab2f361baef6141a743afc4ebeca42af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 00:01:00 GMT
x-content-type-options: nosniff
age: 215189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16536
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:17:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 03 Nov 2024 00:01:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame EB25 25 KB
26 KB 88ms
15ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSvDbCivvW96Pt6fMZKLiJBLS2xuFdmlsNJw6xkrVD8pjfErp56bZANHxqttg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e82c4ce7b9a82408925cd09fe87b7df6062fef591442743906380d536f3c0fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 11:34:38 GMT
x-content-type-options: nosniff
age: 173571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25654
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:32:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 03 Nov 2024 11:34:38 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame EB25 25 KB
26 KB 42ms
7ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTHY5Gb3Te-SGLYdfcs9LCIl4m9tuMHAZ4Mx6eyRab6igijY0aWFP10SZ4ooA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddf527b6f51467e3acbc4f5a2991d0f5c3bb4ee5779ea9dde4abbf75def49bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 20:56:50 GMT
x-content-type-options: nosniff
age: 485439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25726
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 05:00:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 30 Oct 2024 20:56:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame EB25 19 KB
19 KB 37ms
8ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ1-BXrshJ66w-JBXV8RCgrCwFSMEY-z6faxzFcsoS38MLo3pN-S-C1UahpzHE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dd653c5c9e1077da9470c21b44726c24dc87374234349a259a40fab940b8acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 00:25:57 GMT
x-content-type-options: nosniff
age: 213692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18945
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:20:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 03 Nov 2024 00:25:57 GMT

GET
H3

200

3995853839924061625
tpc.googlesyndication.com/simgad/ Frame EB25
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
https://tpc.googlesyndication.com/simgad/3995853839924061625

77 KB
77 KB

8ms
7ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3995853839924061625

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:44:21 GMT
x-content-type-options: nosniff
age: 187388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 17:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 07:44:21 GMT

Redirect headers

date: Sun, 05 Nov 2023 20:25:22 GMT
x-content-type-options: nosniff
server: cafe
age: 55327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 20:25:22 GMT

GET
DATA 200
OK truncated
/ Frame EB25 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b21b198a4539477c89962b670b818f48560864739f51927aff6a907612a6a56a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame EB25 20 KB
21 KB 61ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:55:59 GMT
x-content-type-options: nosniff
age: 319890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:55:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EB25
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmh05UNJIZZH8Nvmk9u8P-I6bMMjI0P9z_buPjeoRue7wyKoBEAEg8-S5HmCV4pCCoAegAaHAmPEoyAEJqAMByAPLBKoE2wFP0G2ocKaBegnMg2rCVJe7Y4Dsg-PAj0XMNOvlzNT23-WKp5Y...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227954909023596791936%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%2225...

0
0

57ms
41ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227954909023596791936%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211411535558584911649%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7954909023596791936","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"11411535558584911649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 11:47:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 11:47:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7954909023596791936","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"11411535558584911649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js Show response
pagead2.googlesyndication.com/bg/ Frame AE76 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949928fed514092835ce57a89b81cd4906f85933b4608224ef0c4a2ba5278698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19684
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:21:34 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 61ms
41ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 11:47:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
43ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=1002118846463461&bg=!WFulWxTNAAb4oU7C2KE7ADQBe5WfOFqSP83IvST4nhG2ihIhtSHWWWujuV7SDANgqFTyiPIqiY4ZDLIPi3n73CD8by_SAgAAAGdSAAAACGgBBwoAbHl89DrHcgqomgSWzdGRg55pb18TkSkg3233jr8XjzbjiVXVIk_Xe-73rVOAPSDlGQ7J0FMz9GUF4XSAHNHiKptDvSY1qJD5dghtQfg3P55yPD4hmS2RRufdH87ju23yMQ8T3KsjwaHepiGBtJkC8fckSWW1hGog0NTbiAyOKDBCXR0Ph9W89Wn1mH27GLnDkP0hzXDqlvKM3zanVAwOgihprxDiDdEwyN6YoB6DAzmSqLmjomWxafYblljTzOjmj75MBxP0D39FcGlIytWJJss-X_PmGY9_jT1f8Q7eaTbwSpbqTBzWSB1FMpid7jS8nhBti9pZ3FVlxo-wyM_k1vXb13F_LFckv4zxrn_cZVtzwyuW2Wnuc8rzMA45hp35dR01fvYu1_IzvzhiOyZkmC7DpFXKsyhlXCqP6jYUDF2MsnI9AsuveOeYjDAYu8o5_hzvWBTdo9pMjzRj6SeJUvFX9MMBH8Qv6x05ECeqWlV456v6Ol0u2O8xMtov3-3cYX0ZmJ_rjbQ_Pt9Zg-G8DXjdZaaFDZo_ICrtu41GfUY09DbP19qsb_mnNB3RgJzmr8zXAAekfPSn8LLSsy_6thlQrAI78azaoIsW_b3k6bWvNb_gThC684oTUTbjCE3GrzoGFqYAzKQfX5yHkHBI-BV2cX5l_Ab3xr1meMZs3FRFiowDtpliPp5WaJ3ubqFo41iGlb67oaqgv85uduqnijSxwyKH-wHDmMv9L6nnuOV7SBviCJevFRJbL6iQGHcC8CIWY4yibWJfU53g6g1OD4uLuKlCe9bgZe4Q9IOdQvu_JHoOIZ3pf6sI2qPUTJM_sQuRj3tf7kZbH24afZxrT7I-epIylak9mS-ldc02nlLArefOwuIBGmr5F95H8rrQTfRp6DYajr-78IniUKdgjA6zHd6BguvgGBxSCulla0cj51KBM34fjgtO4SpMBcGzqaKruRU0BXKTWzb6BgOQFBWQD83D9p7vRw5DbWenENEm-UNvUcjYraCm57XzB4wVOWgAER-_2TFpZC2ILkWF0gVzm9hNvkGDcSYIFi70HV7mhdNZkaYzUtm6HhELu54TpSfBTujRG4eqwFyDpyDlXiderzUJeHNVrNGP_uzrhgU7OZmiEORVLsi62iZMiLctSg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 160 KB
55 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5922a9ca8463ac2876bef52bf1a3fa41d5356490d48c0bb4d528d00b1230a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55827
x-xss-protection: 0
server: cafe
etag: 18043904274355447193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAC2 30 KB
13 KB 976ms
975ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acc91ff0aab7cc4fdccfbd515b3c8b953e1b2d88267bebb987305c63efa70eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12784
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame F305 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 20:55:13 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 20:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 6AFE 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 20:55:13 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 20:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame A3CC 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 20:55:13 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 20:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 2267 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 20:55:13 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 20:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F305 4 KB
767 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 10:24:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F305 205 B
295 B 9ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:16:22 GMT
x-content-type-options: nosniff
age: 73868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Nov 2024 15:16:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F305 604 B
920 B 8ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:18:27 GMT
x-content-type-options: nosniff
age: 257343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 12:18:27 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame F305 16 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 23:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6828
x-xss-protection: 0
server: cafe
etag: 11986448221276412250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 23:24:10 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame F305 21 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8796
x-xss-protection: 0
server: cafe
etag: 1225823381704108053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 20:49:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6AFE 4 KB
705 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 11:31:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 6AFE 2 KB
825 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 6AFE 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 09:14:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 6AFE 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:25:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 6AFE 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:27:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6AFE 189 KB
59 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 6AFE 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A3CC 4 KB
632 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 10:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame A3CC 2 KB
825 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame A3CC 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 09:14:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame A3CC 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:25:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame A3CC 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:27:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3CC 189 KB
59 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame A3CC 36 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9A63 624 B
245 B 51ms
50ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_2ahDh0owBGNuSgeQBMAE&v=APEucNXQQHbLBHjgevMHLqb5ZusBQcC8GK5ZvtPbrKyYgbb8upgM1jvbiZNJJPlEbsBA7KjQxk9gZ6UQLnzAeIM0yY-Ho4APX-h_v6R-vHpQ3z9-_4zipIcqHkO7p9qT30FgnwF-F6Ck8grfdr2mgM5JbzZEk7Xnehh663EeJILLDFoyV0P1CGo

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:30 GMT
expires: Mon, 06 Nov 2023 11:47:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8C12 89 KB
31 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H2 200 tagv_50234_4.js Show response
wiz.sncf-connect.com/50234/ Frame 8C12 15 KB
6 KB 91ms
22ms Script
application/javascript 35.181.109.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wiz.sncf-connect.com/50234/tagv_50234_4.js?wiz_medium=disp-prog&wiz_source=dv360&wiz_campaign=1010587833&wiz_content=19965231487&wiz_term=478169435&esvcu=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CcuGjUNJIZZ-lNq299u8P8LKYwA7Y_faAcM_m5NjuEWQQASDz5LkeYJXikIKgB6ABhajahwPIAQmpAircdGgTAbI-qAMByAObBKoE_AFP0Ea7GdAZhTWL4oanClRG7rgQSKwCt8cL34yvD4_Dzfn2r-gKY30RspZYILTFvNS5yL3NQrNrbArss62rBu4JLZ49TvvnaHkySqkL8lEDm6rCYPbCdGVve6aeOtnqt0cbCzhPEp1T4obblGoIQj5GKcwklnUviY8_poPU4ltqjUNCUD5y4P6JFjZBqeagSRXW-4Tl5B_p2WokLoaWTSLU3W5WOHnMUIwLT_F3z8hHj8vVhDLrNCTdoLrmNW0oc1JwNWfhXlWBtB0rHBvzUTkrty4kwDHWQduTp4cWiFjuKJHlJ1iqmzqnFRDQBgMerbEpKePn_5Z7ORtMcM7ABMulgbyyBOAEA4gF_4KVsEqQBgGgBneAB-PXpXioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRFsBOVu4cV2BMN2BQB0BUB-BYBgBcB&num=1&cid=CAQSTADICaaNXQztibICwqR071PwtYsNHDDOtHF73XBJJMkamq2u2RYcUBBdmW2s2E34pSQuCXEWsqcuvQmXP4Rq_7gf4xr5jF7itQhjv6wYAQ&sig=AOD64_3r6fT9BRz-lCIDxjhebfdykMr8Zg&client=ca-pub-9117077712236756&adurl=https://www.sncf-connect.com/de-de/tgv-inoui%3Fwiz_medium%3Ddisp-prog%26wiz_source%3Ddv360%26wiz_campaign%3D%24%7BINSERTION_ORDER_ID%7D%26wiz_content%3D%24%7BCAMPAIGN_ID%7D%26wiz_term%3D%24%7BCREATIVE_ID%7D&wiz_pub=https://www.hisour.com/de/
Requested by: Host: www.hisour.com
URL: https://www.hisour.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.109.179 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-109-179.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 742961c43f0cef62997bf56bbffa6f9a45489bc9a22e29764d8a065d9e173763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2023 14:49:00 GMT
server: nginx
etag: W/"64302d5c-3b53"
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"
content-type: application/javascript
cache-control: public, max-age=86400

GET
H2 200 tfav_adl_345.js Show response
j.adlooxtracking.com/ads/js/ Frame 8C12 76 KB
26 KB 59ms
19ms Script
application/javascript 2606:4700:10::ac43:2415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_345.js
Requested by: Host: www.hisour.com
URL: https://www.hisour.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0faf9792b19f818ffaca27289143311ce356a4ca088c1ce4cbc8e4788c9e1059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 834
x-guploader-uploadid: ABPtcPoVZ8yhgKuIyokHHOzFN-bhUIh-ot4FqqUQQlTAWUKN437gHHObiVNBfsUU9Omz9eiNtI2m31Tyfkp-H9TSiFHke0YT-9Gh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 24 Oct 2023 08:18:04 GMT
server: cloudflare
etag: W/"93916a282d9a66dc8be72483e2af78f6"
vary: Accept-Encoding
x-goog-generation: 1698135484686256
content-type: application/javascript
x-goog-hash: crc32c=/umK9A==, md5=k5FqKC2aZtyL5ySD4q949g==
cache-control: public, max-age=14400
x-goog-stored-content-length: 77393
cf-ray: 821d1a22fcd43a43-FRA
expires: Mon, 06 Nov 2023 12:33:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8C12 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:25:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8C12 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:27:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C12 189 KB
59 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C12 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPco1cGzqHRPhNaWs-hASf7pU7pn3XMoFX6KCyVUN4Qy5mRafLDhfnmWkPhqqlaiD7sVsjx9Mib7pQzUx5Xa2HfjcqCaoNHqOJpEf843vXPlVeoX0

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C12 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16069596630052545896&x=1&ct=119

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D8CE 14 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 10:59:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D8CE 2 KB
825 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame D8CE 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 09:14:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D8CE 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:25:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D8CE 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:27:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8CE 189 KB
59 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:30 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame D8CE 36 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9A63
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1&C=1

43 B
339 B

28ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_2ahDh0owBGNuSgeQBMAE&v=APEucNXQQHbLBHjgevMHLqb5ZusBQcC8GK5ZvtPbrKyYgbb8upgM1jvbiZNJJPlEbsBA7KjQxk9gZ6UQLnzAeIM0yY-Ho4APX-h_v6R-vHpQ3z9-_4zipIcqHkO7p9qT30FgnwF-F6Ck8grfdr2mgM5JbzZEk7Xnehh663EeJILLDFoyV0P1CGo
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP%2Bmf1qz%2FWic1HHuTlGHMySBieY27fFW%2BDAFJiHOxR%2FztLtIDDA7nj8vo1mnNaXGujuToClOpKGdlSDo61JH62Pcad6hBo58KOmSqf9iQJpKIi8m3kMX62Z%2FqDfKP4bz%2FQ55olYam218PA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 821d1a23bbe19b2e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPy1tCYtoZteItxU9BJ%2BKKdXN2OQSbXmgqJjHqexIE%2FZnX0q0gb6armLkbejlAl6z%2F2Tsi6tnKZGyybEWS8k%2B4psjXNwxVK87nW%2Bw2xK2tBWKLd3gT3XEc7%2FRokFA0tGoHhrs1Hc2Er4VA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1&C=1
cache-control: no-cache
cf-ray: 821d1a238b819b2e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9A63
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUjSUrRTaaWBPXPwNrfWrAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1

43 B
775 B

37ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_2ahDh0owBGNuSgeQBMAE&v=APEucNXQQHbLBHjgevMHLqb5ZusBQcC8GK5ZvtPbrKyYgbb8upgM1jvbiZNJJPlEbsBA7KjQxk9gZ6UQLnzAeIM0yY-Ho4APX-h_v6R-vHpQ3z9-_4zipIcqHkO7p9qT30FgnwF-F6Ck8grfdr2mgM5JbzZEk7Xnehh663EeJILLDFoyV0P1CGo
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtT%2BV%2BEGGTmQ3ZLYE9pUS1P7X6Cyyt8ebPS4q%2FlA8Tvj4%2F6sOv19qeFJsVa1Su0VFYJtGvG1sQIjf%2BtfcNVZzIRiQLmVFPWlQPnzXjkNE50PsLPcIxQl3UNuhyxggaW%2BxW4XxhOhJLZcNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 821d1a244dfb92c6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtbWXI46pZNt2bn3tm9SaM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 9A63
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfNCVmxhcC6JVwfu9VDm4k&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMfNCVmxhcC6JVwfu9VDm4k%26google_cver%3D1

43 B
895 B

15ms
13ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMfNCVmxhcC6JVwfu9VDm4k%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_2ahDh0owBGNuSgeQBMAE&v=APEucNXQQHbLBHjgevMHLqb5ZusBQcC8GK5ZvtPbrKyYgbb8upgM1jvbiZNJJPlEbsBA7KjQxk9gZ6UQLnzAeIM0yY-Ho4APX-h_v6R-vHpQ3z9-_4zipIcqHkO7p9qT30FgnwF-F6Ck8grfdr2mgM5JbzZEk7Xnehh663EeJILLDFoyV0P1CGo

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
an-x-request-uuid: f4837104-53b0-43c8-aca8-175a2e4bf214
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
an-x-request-uuid: c26a502c-4b0a-4673-b128-0e163386881a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMfNCVmxhcC6JVwfu9VDm4k%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9A63
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDkyMjU5OTU5ODYxNjkyNQ%3D%3D

170 B
243 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDkyMjU5OTU5ODYxNjkyNQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
an-x-request-uuid: 395c2aa7-947e-4987-a1f0-68e7ce4381b1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDkyMjU5OTU5ODYxNjkyNQ%3D%3D
x-proxy-origin: 138.199.38.134; 138.199.38.134; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C12 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9414172927716&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C12 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9414172927716&version=m202309260101&ct=119&x=1&cor=16069596630052547000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C12 90 KB
38 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5WsVsRd0GWFqzUxxbBLaB211Rz3c1BnXQZajbAFu2vVojlxM15-BFnJzkL0vL0PZnt1a-zlH1taiEcCndG23VhHqFv_sl1ra1vQI2Nvvq2wG3HAufZS6gMainWGMtNtvlDg3Ev2HxuvUMTlwy2yGN3W3oWO-wDfE7ZYagZ-la_jV-q4s&cry=1&dbm_d=AKAmf-DUQqwheonPZRGp7ODW4ICrLOygqwV7I4kbm2o5bdI3YVAQtEYW8cbFQmNvHs8TmbpwpKavXPVbq7qIJu7jnMUzXXYhlBKGHbJitiDZxuxojB8dDfSlujegPknxFdCW9QopuoWM--QqwpzT79qwRIqpfBPubOvwYP-QGeB3hl8XgkwDRNDSheTQRRO8Zs1txD2GSQaTDrTOR4xYfaYqnrSPDLsNX5GHHqAL9J83bjw-nI0-3hMSMKytiAZROwM4KsrX2HBstkRKSD2rkVD6lBWYh54domNveKDaR6CVd26YC14AsVLEY2igdU9vLZzofghGSnxG_D9jf0LI29afBqlhS4GIvqpNcrw3RtIN-qGyML9hYL7zHX6eMksq9UMMwp0SRuygU52uGsPXqFQF_Q1B_LkiwkF_y10L--l-1w1H3iIWhbUZtIg-mdXZn1aSVUkWv6Yq3265xlI275yH7hJdqY5OAYZ5bWeZy8Sb6M26wfRkXZj0P2jmJPtfxppjMUR8LBHkrLKCBJQsj0utKKj-NKQT7hbGHBIIR6LZoW-YuKFd2uVffid-to_LBCd1GQjzS_v2Xt6QcDvzf2ucQFuverE_iCHCkjIA3t5Y1XXLUj0iJUpH0QOiKgBvBxn9exPv5ybnn3Q-IUTuW5_m7Ff_RMrzewPWxAW1il0lub_HLLY9pRZzXe0c4FSnxGLbMFaCyzfej9bCTnRdQJlcrNQaA1O1Zn1EgPKMpFfI2Zr1xNb5yyfaYUw9sCgyPAM-N-nYBtzp9UEQrpW6msppLoIL5D2gIe-upkK0mmRVICfb7-AMyRCsqiRg0j3ToYTHcCRYN9t2ZwokWcN3-YJQYwGmbsHV0nbZtcpel_SgCNEEzsDE1t1vXgDxS8RoPRlOJGGrmFyrmEONpwwJDxIQC2avLs-BRG-d9kITJQI3jtodAU0opn35BtkxBenWXNvLoBJVH8fZnbXHgpSoQ2XFJ0TIa5xXLAkGEhg9SpSSPClmsTf4wmZA9iGT3FovR9pikmJP3FhffGHek_cqdDmCic0GAOboaoIktjg_LbNs7DerVxGER16wOFWjhEyD7MKYpeUUg6DfCL-NziepomwWH2hS1HArbsTVqOQEi-wh8GJkHZGH7Qn586589gmV_ksEnEf0ZJHio0oPCBg-irb0FhGB9GNBnjaP3nka33yw8ctblnGjGo6LKr8gPWMTQVpAhyt_JZY_5663cPY6BjoYlqSUi47AWRbr_ho8473y8bZtvvs_L8wYoTQUMkTqxOVMlgUFwMJPLjQn4I_hO6tH0abmG7oiUJvkggOR6KTVj_ensc0K0qK7v8T2WkUUmffYnWvMxqSEBzOT47Cohtb5Gf8_LhqjGpNYO2SsA4HMhLYiiHCPG4uMB7BhrUCqUvdVlIgL3D7yi9x9iERfzOiiZZyQjAeOkLe394VemI2-0fotdBzx_Ad87CIr6e7xDMG7d7ZptHo-mOJ0uUsB9i8NarMX4PrPwY2n9CBfqE5zS_V6YqtskqH3M3-Lb5LSULBHgnDKrltN9DG3TINFuQ_hd34Ho1WlDbm-31cdvCcfVkS0-pWtdbuy_XUDaJICdGEdyiYbCOFyiPqXkwFjxfWceKrBpR2a6jTrJhVkmacB6pH6k04VYQxrAmpF4-ZSCrQWA0E238uzOJ9Cst8SqBoJjsWqJpLh4TxPLg94YSnCezrRr0LnNKK6dtrOSCNuJI6hPJ0jA39kZ0R6DIf9e_zbmrN4utDT_VfwXXxbBHZw8Kk3sJ9eGQHTnF1B0S6KdjU3xLdd5KhCPFnIdB_pHom9VwsAf94KKA98idT8nPaPJD4C2NWDuzP97snjvmYAN6jiGm4t1VRZoKULJcIc15b6U4BvMInR1DdQPFI9I57VDVM5IMcchsySySUX6eDxMYOzI7_AALrjroBtmHocSmCo9NMNWkNV-fcF4X3s29hCiSzAHLh7BaFC1Caltc7ZOO9Q_te4BevPR0NU7aO10Ep6PHv6nTPBnrOoKulzhqQVD1MqZaD1duz5f9U6hFKKEHNX_0LdDZNmRSc85hfpDmJxUa3elyE0Yt24Dfqs6ouvj0fDvUMKnS4aKH3AQj6uYxzs3aa4xPTjoI8o88YV3AX4GLt-yuW4rpcqy3pp-QA9TGj3LlhnPykMkkDRnIPh0Xvy8Jit8oPHD3ezsIjpSjpqakQTQcuSR4pZ2MDHeq2mgt3PCIlaehKQtZ-dRKAKzt7xSFnjGkuZYPu-OwEsn1AWgkVpGP28PMZ_vx2-465_r7BZd3NSGaCeNGgzTSVG429iugQwJ3vWU_0sT-rbwnjRs37DTHpA8fUBH0H5NkAFeaM-b5mPVsSOLUHMyuFAu41RKQ2nyirT_btlRMCdt1CKv3BbeCkkZ6_Gt9bweperVCyFscA3BzHCYiWU6KY7VvDBeY3ZbL4p_yDVM7yDtdNB6GFcF67lSiA4dj-frzGr-fpfQoiHSyd1r9SSWKeVz5oBu2lbp7QOpih0txvy1TGuThj3RrCPm5ZkQC0_8wZ4Zuv1m2zFFaA1KWbgqCo18tHClTuZGSBnH2V1_N0Roxn0k53uQDeRK_z9bDaw-3M9CLWs0UeKAmseqHvUn_Jv1OA-fyz8R4nwZGimdGqZ64CRB4-97sX8okgAUfO3ZVZs3Kx9tjgl6X4SAdrO2VyAMsCb6sMNapqWJbdFOh9bQfNqIi-6DhN0XIsZ3Z3O9nqLXnRKWHtfFyn9CQKBHA39Fa1dcStJyC1UacufokeXMLF-74sbfCoud3tDQCENBmh6pmptyO20eEhe_9I7WjUvT4dFtLj0PlrmuTO_rNOo9Pk8zcUdnsW9hyvcuqC5VywNg-izYEe7Rp_i_lUPuuNN-9oc87WpsAWcSmG_WyATgtQ9ofhO5s9yfA4otH5TorjO2xhbCdYuP21qJM7-rZyS2oQzkRTGs_jWOPkaC3-oLVJAGqbF3hwUFXA6-C5OZih4sup2RMo1IXKL4zi-KiDEOrYsQrToo0fS6SHtBZcwhbQ-xoJER6lqixq1dPlh2IwiVcv2LDYBYY60S0g2W5sn4OFW1g-iyKwolyFTLkfTCqKh_OYtRrctDZnSGICqxu8NoukBNPwITc5H3IdgBgjzURmCaCYntvaw_oZFpHGn1u4JuOcbogPi4qoK-JrY8BJWMq0yWhD-dgVYy4jv9_rqFadPQ9EdrHpNfsYURCZfKPp2d1kSoRsaW8EYgqs9TJsZhRtaEq-h83Z5RyZ6SH9DIoAoT48ecTsu2KmxQ4bii7516UszOxe2fSTn07IUwc0TpTqQfmn7NoZ6ghduequ3BGZVniiLaA4FUc2qPmV11sMGzQFDxjbWR_DcwqTeFjHspO0qKnoy370157142PkZxzYwnTP3TpQuryKy_6thDREojg7d2i2fxC1V-5G853k16T5iyb4hV572B9cH41J-Q27QhbjMssJNDmRIX-_6b-Q90ZmIVmcCV-STAebUytlwoj04HNX8g8y3uNzZxFdN0q0hsFpRPXA45SQKc33YDUW0-kboq0XkMcxyjFWhhIsK9pl219QdbwTUMIUMjlRnUrTzr9vp3yc9lMvFjIFCTvvK4tnQdwOJgb41wevfMkBGAoBpPgOPpJ4jRUUTQRzkrs1tIBIlBBO69JQdasb8_A_uRZqt9SlkCNiIQKsCnZXHzFVEc9Bai-lwOri0M85m5MYFbc--KiOW0LVuK0cezX18uTBI6R0AaVaLmYoa0CmuR1lyUjcITzWpKdngJbqNqAF0CIHRF4MkeguiuPMMh47C3-4U7HfFnB5cqS5sncFK4uHMQUOoRduSQSeG580Sr3a7XpFL-jT-ZXydWajfT1uMzTpC7TgliSJK1aLD-utbkis_a7zDGToDINLnWVM2zppaKwb8rOTH2HzNfvSibhtd4gyQa1RfIhYNBjlzXKifF8bdKC2vz4wIytJWOmlUPugIdfTevvZLn9XFkgtO_gGNuUGiAa0YhpnHNV5_curjxovfmqlTAjk&cid=CAQSTADICaaNXQztibICwqR071PwtYsNHDDOtHF73XBJJMkamq2u2RYcUBBdmW2s2E34pSQuCXEWsqcuvQmXP4Rq_7gf4xr5jF7itQhjv6wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.hisour.com&ds=l&xdt=1&iif=1&cor=16069596630052547000&adk=929882891&idt=71&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b65b73036444906730fc7890d014614219a334452663f6c9021378a48839090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38523
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redir.html Show response
p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 83DC 247 B
868 B 67ms
15ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

47ea6741a38fa65f5c8fe48ec0fce888a4b905074074e91b6defc6385ae9f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-OlLEzAHJcJrKDtyBLAnuXQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C08 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949928fed514092835ce57a89b81cd4906f85933b4608224ef0c4a2ba5278698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19684
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:21:34 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8C12 111 KB
39 KB 40ms
12ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 8C12 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5WsVsRd0GWFqzUxxbBLaB211Rz3c1BnXQZajbAFu2vVojlxM15-BFnJzkL0vL0PZnt1a-zlH1taiEcCndG23VhHqFv_sl1ra1vQI2Nvvq2wG3HAufZS6gMainWGMtNtvlDg3Ev2HxuvUMTlwy2yGN3W3oWO-wDfE7ZYagZ-la_jV-q4s&cry=1&dbm_d=AKAmf-DUQqwheonPZRGp7ODW4ICrLOygqwV7I4kbm2o5bdI3YVAQtEYW8cbFQmNvHs8TmbpwpKavXPVbq7qIJu7jnMUzXXYhlBKGHbJitiDZxuxojB8dDfSlujegPknxFdCW9QopuoWM--QqwpzT79qwRIqpfBPubOvwYP-QGeB3hl8XgkwDRNDSheTQRRO8Zs1txD2GSQaTDrTOR4xYfaYqnrSPDLsNX5GHHqAL9J83bjw-nI0-3hMSMKytiAZROwM4KsrX2HBstkRKSD2rkVD6lBWYh54domNveKDaR6CVd26YC14AsVLEY2igdU9vLZzofghGSnxG_D9jf0LI29afBqlhS4GIvqpNcrw3RtIN-qGyML9hYL7zHX6eMksq9UMMwp0SRuygU52uGsPXqFQF_Q1B_LkiwkF_y10L--l-1w1H3iIWhbUZtIg-mdXZn1aSVUkWv6Yq3265xlI275yH7hJdqY5OAYZ5bWeZy8Sb6M26wfRkXZj0P2jmJPtfxppjMUR8LBHkrLKCBJQsj0utKKj-NKQT7hbGHBIIR6LZoW-YuKFd2uVffid-to_LBCd1GQjzS_v2Xt6QcDvzf2ucQFuverE_iCHCkjIA3t5Y1XXLUj0iJUpH0QOiKgBvBxn9exPv5ybnn3Q-IUTuW5_m7Ff_RMrzewPWxAW1il0lub_HLLY9pRZzXe0c4FSnxGLbMFaCyzfej9bCTnRdQJlcrNQaA1O1Zn1EgPKMpFfI2Zr1xNb5yyfaYUw9sCgyPAM-N-nYBtzp9UEQrpW6msppLoIL5D2gIe-upkK0mmRVICfb7-AMyRCsqiRg0j3ToYTHcCRYN9t2ZwokWcN3-YJQYwGmbsHV0nbZtcpel_SgCNEEzsDE1t1vXgDxS8RoPRlOJGGrmFyrmEONpwwJDxIQC2avLs-BRG-d9kITJQI3jtodAU0opn35BtkxBenWXNvLoBJVH8fZnbXHgpSoQ2XFJ0TIa5xXLAkGEhg9SpSSPClmsTf4wmZA9iGT3FovR9pikmJP3FhffGHek_cqdDmCic0GAOboaoIktjg_LbNs7DerVxGER16wOFWjhEyD7MKYpeUUg6DfCL-NziepomwWH2hS1HArbsTVqOQEi-wh8GJkHZGH7Qn586589gmV_ksEnEf0ZJHio0oPCBg-irb0FhGB9GNBnjaP3nka33yw8ctblnGjGo6LKr8gPWMTQVpAhyt_JZY_5663cPY6BjoYlqSUi47AWRbr_ho8473y8bZtvvs_L8wYoTQUMkTqxOVMlgUFwMJPLjQn4I_hO6tH0abmG7oiUJvkggOR6KTVj_ensc0K0qK7v8T2WkUUmffYnWvMxqSEBzOT47Cohtb5Gf8_LhqjGpNYO2SsA4HMhLYiiHCPG4uMB7BhrUCqUvdVlIgL3D7yi9x9iERfzOiiZZyQjAeOkLe394VemI2-0fotdBzx_Ad87CIr6e7xDMG7d7ZptHo-mOJ0uUsB9i8NarMX4PrPwY2n9CBfqE5zS_V6YqtskqH3M3-Lb5LSULBHgnDKrltN9DG3TINFuQ_hd34Ho1WlDbm-31cdvCcfVkS0-pWtdbuy_XUDaJICdGEdyiYbCOFyiPqXkwFjxfWceKrBpR2a6jTrJhVkmacB6pH6k04VYQxrAmpF4-ZSCrQWA0E238uzOJ9Cst8SqBoJjsWqJpLh4TxPLg94YSnCezrRr0LnNKK6dtrOSCNuJI6hPJ0jA39kZ0R6DIf9e_zbmrN4utDT_VfwXXxbBHZw8Kk3sJ9eGQHTnF1B0S6KdjU3xLdd5KhCPFnIdB_pHom9VwsAf94KKA98idT8nPaPJD4C2NWDuzP97snjvmYAN6jiGm4t1VRZoKULJcIc15b6U4BvMInR1DdQPFI9I57VDVM5IMcchsySySUX6eDxMYOzI7_AALrjroBtmHocSmCo9NMNWkNV-fcF4X3s29hCiSzAHLh7BaFC1Caltc7ZOO9Q_te4BevPR0NU7aO10Ep6PHv6nTPBnrOoKulzhqQVD1MqZaD1duz5f9U6hFKKEHNX_0LdDZNmRSc85hfpDmJxUa3elyE0Yt24Dfqs6ouvj0fDvUMKnS4aKH3AQj6uYxzs3aa4xPTjoI8o88YV3AX4GLt-yuW4rpcqy3pp-QA9TGj3LlhnPykMkkDRnIPh0Xvy8Jit8oPHD3ezsIjpSjpqakQTQcuSR4pZ2MDHeq2mgt3PCIlaehKQtZ-dRKAKzt7xSFnjGkuZYPu-OwEsn1AWgkVpGP28PMZ_vx2-465_r7BZd3NSGaCeNGgzTSVG429iugQwJ3vWU_0sT-rbwnjRs37DTHpA8fUBH0H5NkAFeaM-b5mPVsSOLUHMyuFAu41RKQ2nyirT_btlRMCdt1CKv3BbeCkkZ6_Gt9bweperVCyFscA3BzHCYiWU6KY7VvDBeY3ZbL4p_yDVM7yDtdNB6GFcF67lSiA4dj-frzGr-fpfQoiHSyd1r9SSWKeVz5oBu2lbp7QOpih0txvy1TGuThj3RrCPm5ZkQC0_8wZ4Zuv1m2zFFaA1KWbgqCo18tHClTuZGSBnH2V1_N0Roxn0k53uQDeRK_z9bDaw-3M9CLWs0UeKAmseqHvUn_Jv1OA-fyz8R4nwZGimdGqZ64CRB4-97sX8okgAUfO3ZVZs3Kx9tjgl6X4SAdrO2VyAMsCb6sMNapqWJbdFOh9bQfNqIi-6DhN0XIsZ3Z3O9nqLXnRKWHtfFyn9CQKBHA39Fa1dcStJyC1UacufokeXMLF-74sbfCoud3tDQCENBmh6pmptyO20eEhe_9I7WjUvT4dFtLj0PlrmuTO_rNOo9Pk8zcUdnsW9hyvcuqC5VywNg-izYEe7Rp_i_lUPuuNN-9oc87WpsAWcSmG_WyATgtQ9ofhO5s9yfA4otH5TorjO2xhbCdYuP21qJM7-rZyS2oQzkRTGs_jWOPkaC3-oLVJAGqbF3hwUFXA6-C5OZih4sup2RMo1IXKL4zi-KiDEOrYsQrToo0fS6SHtBZcwhbQ-xoJER6lqixq1dPlh2IwiVcv2LDYBYY60S0g2W5sn4OFW1g-iyKwolyFTLkfTCqKh_OYtRrctDZnSGICqxu8NoukBNPwITc5H3IdgBgjzURmCaCYntvaw_oZFpHGn1u4JuOcbogPi4qoK-JrY8BJWMq0yWhD-dgVYy4jv9_rqFadPQ9EdrHpNfsYURCZfKPp2d1kSoRsaW8EYgqs9TJsZhRtaEq-h83Z5RyZ6SH9DIoAoT48ecTsu2KmxQ4bii7516UszOxe2fSTn07IUwc0TpTqQfmn7NoZ6ghduequ3BGZVniiLaA4FUc2qPmV11sMGzQFDxjbWR_DcwqTeFjHspO0qKnoy370157142PkZxzYwnTP3TpQuryKy_6thDREojg7d2i2fxC1V-5G853k16T5iyb4hV572B9cH41J-Q27QhbjMssJNDmRIX-_6b-Q90ZmIVmcCV-STAebUytlwoj04HNX8g8y3uNzZxFdN0q0hsFpRPXA45SQKc33YDUW0-kboq0XkMcxyjFWhhIsK9pl219QdbwTUMIUMjlRnUrTzr9vp3yc9lMvFjIFCTvvK4tnQdwOJgb41wevfMkBGAoBpPgOPpJ4jRUUTQRzkrs1tIBIlBBO69JQdasb8_A_uRZqt9SlkCNiIQKsCnZXHzFVEc9Bai-lwOri0M85m5MYFbc--KiOW0LVuK0cezX18uTBI6R0AaVaLmYoa0CmuR1lyUjcITzWpKdngJbqNqAF0CIHRF4MkeguiuPMMh47C3-4U7HfFnB5cqS5sncFK4uHMQUOoRduSQSeG580Sr3a7XpFL-jT-ZXydWajfT1uMzTpC7TgliSJK1aLD-utbkis_a7zDGToDINLnWVM2zppaKwb8rOTH2HzNfvSibhtd4gyQa1RfIhYNBjlzXKifF8bdKC2vz4wIytJWOmlUPugIdfTevvZLn9XFkgtO_gGNuUGiAa0YhpnHNV5_curjxovfmqlTAjk&cid=CAQSTADICaaNXQztibICwqR071PwtYsNHDDOtHF73XBJJMkamq2u2RYcUBBdmW2s2E34pSQuCXEWsqcuvQmXP4Rq_7gf4xr5jF7itQhjv6wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.hisour.com&ds=l&xdt=1&iif=1&cor=16069596630052547000&adk=929882891&idt=71&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:21:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:21:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 8C12 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:21:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11960
x-xss-protection: 0
server: cafe
etag: 17132697034905592634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:21:54 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C12 41 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 06:26:22 GMT

GET
DATA 200
OK truncated
/ Frame 8C12 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d4f521f9efb052857ef025558150b0f7eadf45bc8ca89954bd1b4415d7886ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js Show response
pagead2.googlesyndication.com/bg/ Frame A2D6 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949928fed514092835ce57a89b81cd4906f85933b4608224ef0c4a2ba5278698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19684
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:21:34 GMT

GET
H2 200 iframe.html Show response
p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 83DC 5 KB
2 KB 16ms
14ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

cd8e9c60c4e8e3cfd680e89ab5b9fd1ee971a33d0660c08d96f2b551dd169d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-3pcqF6eA7VFvVSbymE-0xw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 8C12 2 KB
1 KB 81ms
40ms XHR
application/json 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=487&client=oui_sncf&d1=pg-287~1_vpw-287~728_vph-287~90_scw-287~1600_sch-287~1200_sco-287~1_sca-287~0_srx-287~0_sry-287~0_ev-234~sb.288~rp.288~rvp.288~rap.370~ss&att=0.0.728~90&visite_id=69345788436&seq=0&timezone=-60&js=tfav_adl_345.js&date_regen=e0208d5&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1&id2=19965231487&id3=478169435&id4=1010587833&id5=https%3A%2F%2Fwww.hisour.com%2Fde%2F&id6=https%3A%2F%2Fwww.hisour.com%2Fde%2F&id7=ABAjH0g4J3eve8LM94SlIVR3PbsA&id8=google.com&id9=pub-9117077712236756&id11=display&id12=%24ADLOOX_WEBSITE&p_d=0.137&fai=ad_iframe%40https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231101%2Fr20110914%2Fzrt_lookup.html%3Fhello%3Dworld%26fsb%3D1&iframe=1&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231101%2Fr20110914%2Fzrt_lookup.html%3Fhello%3Dworld%26fsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9117077712236756%26fa%3D1%26ifi%3D9%26uci%3Da%219%26btvi%3D5%26xpc%3Ddb8f4rUQAR%26p%3Dhttps%253A%2F%2Fwww.hisour.com&ao=https%3A%2F%2Fgoogleads.g.doubleclick.net&activetab=1&cf=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_345.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: a233513e6b3b1ef852c1e1b1c400512396a64590da1172b059d10d53918b1d58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-75d5674dd6-btp24
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C12 0
0 83ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDR1bMx1RxKFOxkqtaKt8mC0V0GYbZ-4NbODrDa8TY0mxQEgiZHnRFdL8jMWuQiqXcZ10DU_sM-gy4lIboxDOfcjik7wEAucW4k53Syt_81Z3Y1E7KHT6KYBU51j0jWaGzFU-bfs-ncFLyOJNipJeBW1-sx25KoUAD0JJ8uZ_Adz5RfrPAZpz1PWzTDD1dMwiYVNPYx2RUKJNt4a4aHQrXkDPYfoDIuDhHwchSUzRvEZ5u4Q4EoF3j90cWKwODKX0IGpEmuKvssbxbavNiLnrrVLyYv3mQ0tjLiaCCUreoaz3i846pXGgwIlYCzqxMTsOE3cmznP2W--AA59YGgM-rXn6QIv2nlhGUcCYfrFtLq96mLhdAN0rF-rOxt_fx4bzujwdUBslZ93URWShw2omUGtnAgUbVwu0llXRr4yq3dbRmB2j57NFlxSyjrQb7KQHJljmKqKDZn6lddg89Lg2KP9Mzy-8u_VmJ73uTLC-xUia1Z4eEznh3Ii48gYgeSRUtb01ZZckhl_BKaii4_K1bSZrI_CDy4u6YJDlZL2Nv3Ya0wqDPJ_BlNS2WzsCMCR9D2UNJyzgvHEFukXVl91GaIhzxs7t20BaVlNAhZYvLtGIOYXxY1uvLYLQ4aMxcebZWf_NSbLB1zNn9vHOp1qxbGKYq9IX4NdWBY3Q1I5Xow0Gjbdzkpk0Xl1RjvQ4sg7MnEGaNPtkyvx4IZ4Kgpihfka-tRVYjFNET5wplu3xAbAvTf_Pmg0RjWVpe-t-yeMmaXg48UfNriaX_x1LD8RpMj03-Y9Ml7rrr6AnDrY-RRkXridY1k0dR2pDWbWVC6BrHVj50jJcr1iUm0h2Z5QqucHDpAiZEGnDnMcK6FANJ34j_6_aasXPlvqOcE__sTObQeG2oQN9PxsTWWfqEySWKUgNHTLV2PYJZO25C-sMnDt_T6lYUar1gX6sGhNYkNfmgNSUMS3t6o_N650LEoi3Af5ZUboRvd5AdQyZP0USc8MRYA_glsl1uiESByR-wyHtgHhCVBXMvSxVrnqtqrQZxztpmluAtpQ21BOkPnMaId561hahFg165v3Yx0kZ7Ibs_ftQbBLIqOnVJjCkMKeE0EoarhCqIGd9BVEUqQSmJpiViaFzOm7mdtAGCtI5i78tHUQ7HHJhrZF_hLWPPwWOJbrQbpUjU44jcsv4H5YjFrkL0dNWyzqLjfxcCHm9iPrrmBzFcCVHvYph86QO-gmeumlYV_jTmaHq-t-ATqsouuPC-4ex82zbj1hbpDft2yI3tyVuI7Ri_Edf8D2TPZ2-FO1MsnhvpR_RFysqt1c_DAxu0quup08J3KVow4EBWDuovm3uySr4&sai=AMfl-YRDsZqFSmWXFJ39_H5z5at9KPtJIEi7ERXHptHDYrMyJlafStgX4UtuXwhZSGLcaYKPL_KDGcctQGMblg2JcMWuZxkt3W_jE0zhT4kydneF8c-Bf15l8iG2CV-TdyUeRjevQYZ3U5YhjKf_E5UhdZapW6vVAbYYivSCZuXOvat-HomQq7AnigkD9aH3q6JgFMBlcULNwJZ70fNvoD7mSqciaP5vQQw-qbDR8ruceCl29nWFwnJj92F3oR1DGoNgGCxHsliLg2Qz9HcHYVlG4e_bwP1euhzEKfuwF0XziEpcKVURmqd-EC8D0_tD7w&sig=Cg0ArKJSzHeFxgXYEWs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=178&cbvp=1&cisv=r20231101.30413&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 11:47:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8658322401095783753
s0.2mdn.net/simgad/ Frame 8C12 27 KB
27 KB 25ms
9ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8658322401095783753

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3b8f80305afe8feb7bc1c8a8537ccc18737c5083f7c209b3c40410d02180733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:07:32 GMT
x-content-type-options: nosniff
age: 200398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27280
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 11:01:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Nov 2024 04:07:32 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A0F 38 KB
13 KB 10ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:26:22 GMT
expires: Tue, 05 Nov 2024 06:26:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js Show response
pagead2.googlesyndication.com/bg/ Frame 722B 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lJko_tUUCSg1zleom4HNSQb4WTO0YIIk7wxKK6Unhpg.js

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949928fed514092835ce57a89b81cd4906f85933b4608224ef0c4a2ba5278698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:21:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19684
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:21:34 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C12 0
0 45ms
44ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDR1bMx1RxKFOxkqtaKt8mC0V0GYbZ-4NbODrDa8TY0mxQEgiZHnRFdL8jMWuQiqXcZ10DU_sM-gy4lIboxDOfcjik7wEAucW4k53Syt_81Z3Y1E7KHT6KYBU51j0jWaGzFU-bfs-ncFLyOJNipJeBW1-sx25KoUAD0JJ8uZ_Adz5RfrPAZpz1PWzTDD1dMwiYVNPYx2RUKJNt4a4aHQrXkDPYfoDIuDhHwchSUzRvEZ5u4Q4EoF3j90cWKwODKX0IGpEmuKvssbxbavNiLnrrVLyYv3mQ0tjLiaCCUreoaz3i846pXGgwIlYCzqxMTsOE3cmznP2W--AA59YGgM-rXn6QIv2nlhGUcCYfrFtLq96mLhdAN0rF-rOxt_fx4bzujwdUBslZ93URWShw2omUGtnAgUbVwu0llXRr4yq3dbRmB2j57NFlxSyjrQb7KQHJljmKqKDZn6lddg89Lg2KP9Mzy-8u_VmJ73uTLC-xUia1Z4eEznh3Ii48gYgeSRUtb01ZZckhl_BKaii4_K1bSZrI_CDy4u6YJDlZL2Nv3Ya0wqDPJ_BlNS2WzsCMCR9D2UNJyzgvHEFukXVl91GaIhzxs7t20BaVlNAhZYvLtGIOYXxY1uvLYLQ4aMxcebZWf_NSbLB1zNn9vHOp1qxbGKYq9IX4NdWBY3Q1I5Xow0Gjbdzkpk0Xl1RjvQ4sg7MnEGaNPtkyvx4IZ4Kgpihfka-tRVYjFNET5wplu3xAbAvTf_Pmg0RjWVpe-t-yeMmaXg48UfNriaX_x1LD8RpMj03-Y9Ml7rrr6AnDrY-RRkXridY1k0dR2pDWbWVC6BrHVj50jJcr1iUm0h2Z5QqucHDpAiZEGnDnMcK6FANJ34j_6_aasXPlvqOcE__sTObQeG2oQN9PxsTWWfqEySWKUgNHTLV2PYJZO25C-sMnDt_T6lYUar1gX6sGhNYkNfmgNSUMS3t6o_N650LEoi3Af5ZUboRvd5AdQyZP0USc8MRYA_glsl1uiESByR-wyHtgHhCVBXMvSxVrnqtqrQZxztpmluAtpQ21BOkPnMaId561hahFg165v3Yx0kZ7Ibs_ftQbBLIqOnVJjCkMKeE0EoarhCqIGd9BVEUqQSmJpiViaFzOm7mdtAGCtI5i78tHUQ7HHJhrZF_hLWPPwWOJbrQbpUjU44jcsv4H5YjFrkL0dNWyzqLjfxcCHm9iPrrmBzFcCVHvYph86QO-gmeumlYV_jTmaHq-t-ATqsouuPC-4ex82zbj1hbpDft2yI3tyVuI7Ri_Edf8D2TPZ2-FO1MsnhvpR_RFysqt1c_DAxu0quup08J3KVow4EBWDuovm3uySr4&sai=AMfl-YRDsZqFSmWXFJ39_H5z5at9KPtJIEi7ERXHptHDYrMyJlafStgX4UtuXwhZSGLcaYKPL_KDGcctQGMblg2JcMWuZxkt3W_jE0zhT4kydneF8c-Bf15l8iG2CV-TdyUeRjevQYZ3U5YhjKf_E5UhdZapW6vVAbYYivSCZuXOvat-HomQq7AnigkD9aH3q6JgFMBlcULNwJZ70fNvoD7mSqciaP5vQQw-qbDR8ruceCl29nWFwnJj92F3oR1DGoNgGCxHsliLg2Qz9HcHYVlG4e_bwP1euhzEKfuwF0XziEpcKVURmqd-EC8D0_tD7w&sig=Cg0ArKJSzHeFxgXYEWs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&vt=11&dtpt=141&dett=3&cstd=313&cisv=r20231101.30413&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.hisour.com
URL: https://www.hisour.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 FIL_ROUGE_phase1_728x90.html Show response
s0.2mdn.net/sadbundle/17329333187277136373/ Frame 0402 6 KB
2 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17329333187277136373/FIL_ROUGE_phase1_728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab6f8af5b7669c91529497e3587bb0f15ad6c8f10bb7852c30ea5ddd92c66e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 204171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2311
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 03:04:39 GMT
expires: Sun, 03 Nov 2024 03:04:39 GMT
last-modified: Tue, 21 Mar 2023 11:00:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A0F 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 10:25:44 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 0402 236 KB
63 KB 85ms
24ms Script
text/javascript 2a02:26f0:3100::1735:2a09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17329333187277136373/FIL_ROUGE_phase1_728x90.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:31 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 06 Nov 2023 12:02:31 GMT

GET
H3 200 FIL_ROUGE_phase1_728x90.js Show response
s0.2mdn.net/sadbundle/17329333187277136373/ Frame 0402 63 KB
16 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17329333187277136373/FIL_ROUGE_phase1_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17329333187277136373/FIL_ROUGE_phase1_728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5633605e5166b9291ca6bdc19356087ab88766192cc2b945fa5637e552eb990e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17329333187277136373/FIL_ROUGE_phase1_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 08:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16206
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 11:00:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Nov 2024 08:22:27 GMT

GET
H3 200 visuel.jpg
s0.2mdn.net/sadbundle/17329333187277136373/images/ Frame 0402 7 KB
7 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17329333187277136373/images/visuel.jpg?1678999058977

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3656914ba10dfc09f2642bebeb64b58bca12b5463f6915bc2fe07edec2fb3069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17329333187277136373/FIL_ROUGE_phase1_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 17:48:49 GMT
x-content-type-options: nosniff
age: 496722
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6976
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 11:00:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 17:48:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A0F 0
23 B 44ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bn9SjUtJIZcuRHZX3x_APhYOH0A0AAAAAOAHgBAI&bg=!5Oel56jNAAb4oU7C2KE7ADQBe5WfOC814UDMB2yduvrn38pgdZLiBzxd03TlUjxWjQbiVL3Oh0ec0SZF85TxbdOWIciiAgAAAFNSAAAACGgBB5kDRIGURo-NeNvmA5JDlICvJWm4amjJI8VVhOZoPEnjDUZQIdxdkRd6O5Bnqslta9YztL57-hZbCz6ArE7VL4aaGlIhu-DkF2gMCQTEUMktNS3_w_gARjhwp96Xb1p81ranj-OlGQmYwdPYFzilbp4EJELzA29-kLL1HArsUse2IhNuy1Jyx1W9PmV9ZAoYnNYgD9VcIUzI9DTBfN4KMt2EkNGJygdlBBB34Uz23se3mrxFGpIYAGgd22gizZrrRYBnP4GriKYFoAlXoYd7rniMEEv_rJ46c3gdlnhqONt9KyeSedCBrxUZyn6RjnVeZcGli6EquGqVjQDu72qE2dYc387csmfJGvkfU9iAfhnOibOgRrdoXihu2r2Auhge9nzA9XBWt3ahvIOLqgsPr2K94dW8GMzbV8cc75M-V8zbYzIPAG6aPuKu09AKQ1PM8YpVbVhCgSJs8gYI2qXVTKXLeCwuEbL1vMDi-WFkI_AvnCSB1PgJmo_LOulsDXi_RuRHdPu198XQv6TUuT_0w2ywRNCteJBhK0ukuFXDqShBdtZcoG-_xyHUp0pkJGXnIMSlR1iO9JOh98aTjAfPMSXaxs7dQX8vtlCPcREO9lY7T9IczFeWv__d89PvMDNtvFgqOjXJGFItQ-dOW9KrB4xj8z6oyAtYznJBI2Im7YIJ0A9X6X6Gxa_Z70NIP2PxsbPaX_JXCk8qPYtrEQI7w2tSpM8mlJyWIOqJb3bp-ePcpS7nCWL_3lCvCszRrXIjQraDvCZjqP-26TGhF4portxTmAmAv2RwCeWEXhz9mN3zg2j_wSFvfVW6eJDCmMx3lGRoVW669K3wjltlefH14tDhyu8X-53KCBd00WfXJY_FMjmBZFowKnxra48YHA566PpUCqJf7mzuqY27dYc3mOErZoqAjYVcUMXzlteY3-3sdxtGynHCjG6upptj5tl-icDBVwbxOHNgmChpF2X14yMTgiMobx7KVSChHhIsOkanh8T4D0WTFI8CLvjyS1ep-HThRUoevg9j-0r_BTYmofzY6qs-D1GPjvoGn5TTmaVYSa4qlRTBKoJ4-KCiBBQMQXWWSAg5zi_4FfGo82vU_Qo67IeCTMe0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 21D8 640 B
265 B 51ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBi30-T6ATAB&v=APEucNVk32L-BQdt-ZZICp-bx3yJWDH9ORJB2pTKzRMaFrJEmbI4E0puWLCKHrvZ0KZRumWGpMlndFPPyry8E_hMqF6RZEqu8wObI_0yG9152TymJqQdMTGecTveNmO0kjBlA7pQDlUn537X0ldGmRALEenXvy94JGxHJX3RNyBXMuQhEYRKBGo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 11:47:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D7FF 89 KB
31 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:31 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame D7FF 32 KB
8 KB 74ms
26ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:31 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame D7FF 3 KB
2 KB 62ms
14ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=4861463&kid=6122633&bid=18580041&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cs7jaUtJIZaOUC6W49u8Pm9CjMKKxw9NzpOzOxtkR97e-z4gKEAEg8-S5HmCV4pCCoAegAff36YQpyAEJqQKj3BALkgGyPqgDAcgDm4SAgASqBPgBT9D9UBHOBNDuTWo9J6bC-_xd4778d77-okuGxBAKdA_2Ssih1DqHxMv9BSNQruEr--WwSQ0RzaSYIaurJ5TZb_HXDnNqY-jXZcrVQP1EYB-nd0vjaSCqNRT7RrRnG5TDI1EFbjS1w3WSqZw-dkaPtTzhdZ5n82KxHp6Eqz5UoemXj1eluBULix4RhKY_gt_cDFYMJmK8ksmfbTZWUSJ--0vyVUebJXx25Z-Yl2OMa0v6fRBxV_GGCMXTyRU66fhFePrZO-WmlIjXSqR0NshvpyYv6iAFal42rkpR76x8atLcTuGmljp1bOG2t1fi6qUWqIpbrrZmYGbABMvGgsnVBOAEA4gFmZ2Ggk2QBgGgBk2AB_evuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERbATlPGWFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&num=1&cid=CAQSPADICaaNwmBtxdujN0XMqTf7OG49QxjyDRvBEPrGOJdXr4nxYE6IUWWCA9t-lrvCWJfwHcZMoPo2XyJPjxgB&sig=AOD64_0ll6l2ik8q-4-shn3hNTeqrhMqXA&client=ca-pub-9117077712236756&dbm_c=AKAmf-DJvTA196buX3bdHAuibLt5cBIBftvHvKMzGc1jYWPuDNCLwzy1EUyWH9TORHhNXCKKO1FIEze5D2kMyd2Ww0MIH9sKxbVjKrTQczny6ev2Pwr4se1ACY3mjXHyWmswXBzozLTVzfqFXxJEIMC5IUGvWSg3ALXjPXZTNHB28-1jROKUjKE&cry=1&dbm_d=AKAmf-BrXJ090vUUJGcqpVcExf1mXH766WcwUbdcMNdEWCTLN9jlKTdKgbIawsX5tjoDyKpsQZX76Nqp8oyo4QQd2M09yvmopXfw6J4WDIkrOq1y5mfqqJOicb7uf32ItjjnQfbJlVfmgiLLj3wv2qh6QSoUUwYIpNBcATbtCQN5NfDrs_ibamu-YnP2uCr1n1lcby0CscVZANkhPqZj98eR5df5kvZOC0pFXuK7_sVNiO0vQLMGB3F_EUPuIfwqpOJBXclq-Iogv83qU6yyVis5mpcJJu-qYzCFySNElIxsMQy4S4urT8CsVuy4cYrXKXXXSmr32ep8jBVL9Y-nu-UlL0vq-IG7q9QSwEFRk-WIUM-cQ5MY-45LDOCpPT90zmhWeuD78puX32DsXy3zOKbNlZuMhTK19ykFL4_L8E-KPbiuxH6MKubQJMaWe3Txw-paPwFhMdjn3dJkfZq4qoxVFmkz5DY-QgKsCYW-9QnHEjLEj08TSvUBDA8VgNp6uw4qLTPLxAbTqgFnVJGbvb6kqHXuasAH-mTkE77bQpikR3lHlDugqmA&adurl=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 5e082738b17367c84be7a89ca3ec510c5f546573a71207520328865673c2cf7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 06 Nov 2023 12:47:31 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D7FF 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:25:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D7FF 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 06:27:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D7FF 0
0 16ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1un4nK6aBbgp7cmZD3HYQDXndywdPC-4WZ53-VqpLzw6m5--1q5drfoaIwCRR3aKdrkcbRgChxm3Gn4hAb7scQwxwug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7FF 189 KB
59 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 11:47:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7FF 42 B
66 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DRItdCFgdyTUskrloDTWg1w1aM8VCQ_XdCfVKLHlpW_eaGOqxZo_j_U_eMxw4HcH8b8-Vf8wqCtd9iEufbjVxIJTQm3MRjWoyKidDs1w_yscFVxic

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7FF 0
23 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13928438389216592299&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 21D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF_vsGbGndnkHWWm2V6tckE&google_cver=1

43 B
264 B

23ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF_vsGbGndnkHWWm2V6tckE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBi30-T6ATAB&v=APEucNVk32L-BQdt-ZZICp-bx3yJWDH9ORJB2pTKzRMaFrJEmbI4E0puWLCKHrvZ0KZRumWGpMlndFPPyry8E_hMqF6RZEqu8wObI_0yG9152TymJqQdMTGecTveNmO0kjBlA7pQDlUn537X0ldGmRALEenXvy94JGxHJX3RNyBXMuQhEYRKBGo
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF_vsGbGndnkHWWm2V6tckE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 21D8 43 B
136 B 136ms
113ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBi30-T6ATAB&v=APEucNVk32L-BQdt-ZZICp-bx3yJWDH9ORJB2pTKzRMaFrJEmbI4E0puWLCKHrvZ0KZRumWGpMlndFPPyry8E_hMqF6RZEqu8wObI_0yG9152TymJqQdMTGecTveNmO0kjBlA7pQDlUn537X0ldGmRALEenXvy94JGxHJX3RNyBXMuQhEYRKBGo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 21D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEAKjKy9w4RlYGpss3gWQtVo&google_cver=1

23 B
163 B

40ms
30ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEAKjKy9w4RlYGpss3gWQtVo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBi30-T6ATAB&v=APEucNVk32L-BQdt-ZZICp-bx3yJWDH9ORJB2pTKzRMaFrJEmbI4E0puWLCKHrvZ0KZRumWGpMlndFPPyry8E_hMqF6RZEqu8wObI_0yG9152TymJqQdMTGecTveNmO0kjBlA7pQDlUn537X0ldGmRALEenXvy94JGxHJX3RNyBXMuQhEYRKBGo
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 11:47:31 GMT
pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEAKjKy9w4RlYGpss3gWQtVo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 21D8 23 B
163 B 64ms
32ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBi30-T6ATAB&v=APEucNVk32L-BQdt-ZZICp-bx3yJWDH9ORJB2pTKzRMaFrJEmbI4E0puWLCKHrvZ0KZRumWGpMlndFPPyry8E_hMqF6RZEqu8wObI_0yG9152TymJqQdMTGecTveNmO0kjBlA7pQDlUn537X0ldGmRALEenXvy94JGxHJX3RNyBXMuQhEYRKBGo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 11:47:31 GMT
pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7FF 0
23 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=731437351782&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7FF 0
23 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=731437351782&version=m202309260101&ct=77&x=1&cor=13928438389216592000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D7FF 30 KB
18 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2fp-T3pADaAPP4bqRCyXsH55UvC-c0VfN1X-hNvpeaxiaVn3rMI9LpQW9KWCv-f1zFaTZ3w62_0qiHGKKYmiY1tdLqTRJIEmC3tQN4YQfD4VrV5ZodtZUhSo3zJ8dytoxgqP70QmAGxDe1IvRPd1TtLCOzzp0O_XBZSS8DgqlbnlMOyE&cry=1&dbm_d=AKAmf-DuhfvdUKePe8_xK7-NRrleD5g6aBa2wjgSCvghWi1_7HWRA_P0Wi81tZ8mwQvnEvqGqghsN2KvYSgIJcRO1OqnMN6G_s3Sj0UKLp0KhbCRKYsgD-ZDoU33arDLghNqaOPoi_KNINv1qir0O4kV9QEaAvqfDCKiSucJYCMNEZkgRPEE5Ajs9y63q5vUfzsg2WWsLoMLnumCWD0Kza4Mjr64UqL1IM0wR_x68joONyiYq8No8vPO8D2QDI70y0xBtdjYpEfh7zjcIJ9YcPqeqKRQSvKwlcY_2_CvVBJvAlLc_p3VKge5EigkJY6ruB8yeP2b08dEp66AQzgBRkjzf51om9mz-CkrvJ4stRc0F6y6PspqkLOVoHBnU_ODsD3ad2SWor9DwF_NTBcW1XT4Rw8PruusE0nH3A3aNBck2WaYKiBSY5nqaaI8WotbCpj3AcWSXB1gcD45frk4SrntdEt1FqVOkwNMxcpI54s8YGmfPcZdAjbmEd38brzQP3jrp3nBtVP-0qneuneNUSXis9b9PvPSvELAHKWfSsr0YGgma10zeauqG8-e6Ey6HSEVUvrZwVqwvqTn_rwJyuZgSaTjtQsYH24VFj7NK7ZW2HhfhT1KSaDPUDC1dH-jEcLLaGDtH2lCGN-2C_se0mgZmvqTARfd2hy2BsSgU9dBYcbBIs9-Pgpi4Tw_cXRITpJiDQJ5Us8tkRdvGcQz8NodP5wRS9QgVypQ6rKHy6MwTJM8pJI5XDL4oRmRLmEsMqkymbzmYlsEvam7Q1rQBeWk8WWjyLr7DfypSQubW6RjUMX2W1zKncX98tGRN1alU-sxYamDcdoF-I17kC8fiEpXsy4-_3l5yXPpVxALmQrniwROJkjtAHh8PEikrQsnYcJG2CgpmZ2W6U_baHPazFfC7aHpbqtLHj4R1rMte2HkRm8P3bLdSt3iqt5ESdG3HroUytDUkCEif0pIWep87B-hGYR3vAfgPDWdhp79OTTemijjgEZ06qlP8veqreoF_hYPNQJmZJXgA6pA2ZaXjiYnlehGG3Ttg0qIFJPDmYy3pW9vHZfHQTdpCM0nh4kPkRqw8Woe7_vdkrBha3JSlAMP6SWKyGhgcW9JJDvVqbdLNDZSG6BhH-0327tXXeUI5Dul0VVDkP97iz2y9PJpGwMYow15lr-TXOpZwfbPwF1MnGIfkqKYFinsfq6z1nOXcgwmCuQe7KdJFiVqvJu43FXIN_QRRwgvStCkORIPXkuuuCnEmpCtR_TbVzCCTALa4lUGlM8wdbgTo3O0Qn9V8ykuCuRYuglnd4zgd6RX_1Xl_hOAzmMUltMROJUFeld8K1iHy2Syg0J95Y13Oj9_oN2RBJpC4Zd3notP-j2a82xIN_0_o_ruvvVMk--lT9vIIuHJpBsjc4Z44fn79n8c910I6w8WaEUoR2sTmwbjUKKxHTonu0UnhWmA2pAyzFPkaA3u4Q0uQ-_0KBc_-2iQlq-WeHeN43yVtLh-3ATNtSFJSBRH9XlmE5ZMx5VHrC2bwzXAuMlUheroUWkcOycJZNnYlKTFuVVswqARiR4GujAIVQWmYBN2VWhLTl52mn7YFUMx5Ob-IQidxhP1OsbO5mwCsrxr27ZxA5h2Kw7kbJgOg1BxPoQX77ETzxl27A4TqiDXc5z0DTG8XSRLKMWotUPxMHHyvAvjUYYVRiJnbJXGK8bQp5xfZ4OH35CQ_KmawrvIn1tYSlmO9Oq7NJdfIxt_1uuRRKVUvAOlL6m_mRmY3BeZR1FFS18xJcLLa1fy6CJzTYpCn7yvieoMaToRqM62v7WZxJhLoMtUlht-fox1d7yDyhmCgfTdCb-2tD1x58MsdJn1yBSu_nKa1Zp6skhmrE6MZIrKtgAoI7c9-78ZGcG_mDvs-iHR7z4Dl1BjxTVUMhLm1Mh-TRgFT2lFwnjDmfvrfNoW2XiIcjotzRrVmgXSiKVzIY-s0qRufB7den_NFTpBIABlMALfwlHok5oIi-lFhaVMfIjIBq-KfxIegEkDoOXb7kNo1-NU_0wVeuwoC-3TP_50rZ_-JQBL7b4-AQWf8mAXuoO6Wo-nge0BWBNDO8qdyGNuZaYeuZ0RV1N3zx-adDP0oBry9nKLHj24THxKaJTMKSDm7iC1M9rH2UDdc_nSpZYebs3UNjahE-pXEj03WfqxUDnKvFkadk6m5D74deelNeYs7caoUstJ9Q_uu_2NKKkAQbNPuJ-UAAe491kVKIsQHhwY7Hj9T9IqQ_j914-vt8T6HKDsxqkWAxMAcUP3DdoKE8cfiq4Fjvj2wEMCir5Z0UPW5hutn0vFAqHm6F1hAbmHfgBX2GhSvKLyy6EcQ1QRdZ4nvdVyMBUSTKNElErZEG1w3i3qiQuSa2dwM5KXGbhjE-yHGUvXpYtzvOaobBZVoQz1eYreXN8EjHHrQ0I1gl279ioXrQDUnQXtOz3VDQy12VmB25Maaryo-bZi5a757G4IVSDEPQdyzxYc80Acvcvu4GXrwr0CKP1SNYuKTLl6TtsSS1eh1PRC0s4i4m4AcVMLU7ClN4t0sVKqUjCeRllMNt_xsqnUqBUHMmc5n4i6ywWguI8S6v81KaQkEDAb1aVHAOiMBUSBu92KbuhwgZFzmO9znaaMBdX8va6t0nAc8YqZCmkkLT13EB8gPExuxU08Bw8GtYG52JpwvM0ALuruw0XSsXJIGbTcG0BAfGBu7ifjUOcTSql_iL_MW_VOPrHgfhzEISOqdbY9D-dl6w3INzXi21FdiG90ZzQUe-1g0YbVVK3YFPYIxsTLvyLk7_5MJ3wGO9WVdozEMfUiqvLzGXUjulxj8PA8BjxW_c_pb04mnc6XoWwMCPO9f42IowQhsalsrWLJRBvpmY3HHfrj2pGKHEn-YbB15510xvWMkae2d-b0Zg0-DrVMThCGOGYM_spLrrgEJ_Se8YR3BMl72vQWG1TibFs4d_w8oU6yIjkk3QLLRKgK0gEyfS01mNYfGLpBSbRTVUmFqzQKR48uALXfcOjynLGIiYuHGHzxRAPtlVvB0Wxr2VCj0SjZ3NCx5INMnPBxt-4nWvwDhihHex6ZIJSKRovpBZpoEPzC2fvvVNhnM87ZSSPcIhYTZve1jn99R0kBsFTpMd0gDbT9NTCExnLy__CCrpTiuMX7nKO6HvMTLbMnNcK0PJZV9V8P4E7z933H8Q6-kFbHpIOPCdmzHAMn-KULMWaQUv6NJ8FAih_3s5-58JHsJsyvuVVS-sl_u77pXPACbQszJWyts_kmdCujiq7FmEszp6jJR2GE0wnzZDhbof_JE-sLwFql6izs47nYYuJ7pbio_opM7BZsZil1cCeeHLFp9uBc2sWbs-p7F9vB6r8e_onPcWyeHfv3wp1IeoIAlM17E-5GEfW69YEWUaMpS1kRWXayEDiYMFuZIpxB5RuhvMTAtomcROMIzWIE2x7lQX6LyUtTJamNVU8in1mNO-V-l9B4Le9ggdFT9AoToH1dJQAF-h_Ioo389P6yY2Izm5e-biwjhrbV7nWVYnwM-I43_6Lk9aONsFUhOT7HEe4cFTfODS91w7E14e2Ttip94L6wKL3Wlcfrw8g5BfEAIvAIa0FEoGX0T9VuF-g3j1oOnG4&cid=CAQSPADICaaNwmBtxdujN0XMqTf7OG49QxjyDRvBEPrGOJdXr4nxYE6IUWWCA9t-lrvCWJfwHcZMoPo2XyJPjxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.hisour.com&ds=l&xdt=1&iif=1&cor=13928438389216592000&adk=1761367587&idt=65&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33e82ff332d2a2410a29d090b99521a4b2fdc40402030d71de31155cbb06a214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame D7FF 31 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2fp-T3pADaAPP4bqRCyXsH55UvC-c0VfN1X-hNvpeaxiaVn3rMI9LpQW9KWCv-f1zFaTZ3w62_0qiHGKKYmiY1tdLqTRJIEmC3tQN4YQfD4VrV5ZodtZUhSo3zJ8dytoxgqP70QmAGxDe1IvRPd1TtLCOzzp0O_XBZSS8DgqlbnlMOyE&cry=1&dbm_d=AKAmf-DuhfvdUKePe8_xK7-NRrleD5g6aBa2wjgSCvghWi1_7HWRA_P0Wi81tZ8mwQvnEvqGqghsN2KvYSgIJcRO1OqnMN6G_s3Sj0UKLp0KhbCRKYsgD-ZDoU33arDLghNqaOPoi_KNINv1qir0O4kV9QEaAvqfDCKiSucJYCMNEZkgRPEE5Ajs9y63q5vUfzsg2WWsLoMLnumCWD0Kza4Mjr64UqL1IM0wR_x68joONyiYq8No8vPO8D2QDI70y0xBtdjYpEfh7zjcIJ9YcPqeqKRQSvKwlcY_2_CvVBJvAlLc_p3VKge5EigkJY6ruB8yeP2b08dEp66AQzgBRkjzf51om9mz-CkrvJ4stRc0F6y6PspqkLOVoHBnU_ODsD3ad2SWor9DwF_NTBcW1XT4Rw8PruusE0nH3A3aNBck2WaYKiBSY5nqaaI8WotbCpj3AcWSXB1gcD45frk4SrntdEt1FqVOkwNMxcpI54s8YGmfPcZdAjbmEd38brzQP3jrp3nBtVP-0qneuneNUSXis9b9PvPSvELAHKWfSsr0YGgma10zeauqG8-e6Ey6HSEVUvrZwVqwvqTn_rwJyuZgSaTjtQsYH24VFj7NK7ZW2HhfhT1KSaDPUDC1dH-jEcLLaGDtH2lCGN-2C_se0mgZmvqTARfd2hy2BsSgU9dBYcbBIs9-Pgpi4Tw_cXRITpJiDQJ5Us8tkRdvGcQz8NodP5wRS9QgVypQ6rKHy6MwTJM8pJI5XDL4oRmRLmEsMqkymbzmYlsEvam7Q1rQBeWk8WWjyLr7DfypSQubW6RjUMX2W1zKncX98tGRN1alU-sxYamDcdoF-I17kC8fiEpXsy4-_3l5yXPpVxALmQrniwROJkjtAHh8PEikrQsnYcJG2CgpmZ2W6U_baHPazFfC7aHpbqtLHj4R1rMte2HkRm8P3bLdSt3iqt5ESdG3HroUytDUkCEif0pIWep87B-hGYR3vAfgPDWdhp79OTTemijjgEZ06qlP8veqreoF_hYPNQJmZJXgA6pA2ZaXjiYnlehGG3Ttg0qIFJPDmYy3pW9vHZfHQTdpCM0nh4kPkRqw8Woe7_vdkrBha3JSlAMP6SWKyGhgcW9JJDvVqbdLNDZSG6BhH-0327tXXeUI5Dul0VVDkP97iz2y9PJpGwMYow15lr-TXOpZwfbPwF1MnGIfkqKYFinsfq6z1nOXcgwmCuQe7KdJFiVqvJu43FXIN_QRRwgvStCkORIPXkuuuCnEmpCtR_TbVzCCTALa4lUGlM8wdbgTo3O0Qn9V8ykuCuRYuglnd4zgd6RX_1Xl_hOAzmMUltMROJUFeld8K1iHy2Syg0J95Y13Oj9_oN2RBJpC4Zd3notP-j2a82xIN_0_o_ruvvVMk--lT9vIIuHJpBsjc4Z44fn79n8c910I6w8WaEUoR2sTmwbjUKKxHTonu0UnhWmA2pAyzFPkaA3u4Q0uQ-_0KBc_-2iQlq-WeHeN43yVtLh-3ATNtSFJSBRH9XlmE5ZMx5VHrC2bwzXAuMlUheroUWkcOycJZNnYlKTFuVVswqARiR4GujAIVQWmYBN2VWhLTl52mn7YFUMx5Ob-IQidxhP1OsbO5mwCsrxr27ZxA5h2Kw7kbJgOg1BxPoQX77ETzxl27A4TqiDXc5z0DTG8XSRLKMWotUPxMHHyvAvjUYYVRiJnbJXGK8bQp5xfZ4OH35CQ_KmawrvIn1tYSlmO9Oq7NJdfIxt_1uuRRKVUvAOlL6m_mRmY3BeZR1FFS18xJcLLa1fy6CJzTYpCn7yvieoMaToRqM62v7WZxJhLoMtUlht-fox1d7yDyhmCgfTdCb-2tD1x58MsdJn1yBSu_nKa1Zp6skhmrE6MZIrKtgAoI7c9-78ZGcG_mDvs-iHR7z4Dl1BjxTVUMhLm1Mh-TRgFT2lFwnjDmfvrfNoW2XiIcjotzRrVmgXSiKVzIY-s0qRufB7den_NFTpBIABlMALfwlHok5oIi-lFhaVMfIjIBq-KfxIegEkDoOXb7kNo1-NU_0wVeuwoC-3TP_50rZ_-JQBL7b4-AQWf8mAXuoO6Wo-nge0BWBNDO8qdyGNuZaYeuZ0RV1N3zx-adDP0oBry9nKLHj24THxKaJTMKSDm7iC1M9rH2UDdc_nSpZYebs3UNjahE-pXEj03WfqxUDnKvFkadk6m5D74deelNeYs7caoUstJ9Q_uu_2NKKkAQbNPuJ-UAAe491kVKIsQHhwY7Hj9T9IqQ_j914-vt8T6HKDsxqkWAxMAcUP3DdoKE8cfiq4Fjvj2wEMCir5Z0UPW5hutn0vFAqHm6F1hAbmHfgBX2GhSvKLyy6EcQ1QRdZ4nvdVyMBUSTKNElErZEG1w3i3qiQuSa2dwM5KXGbhjE-yHGUvXpYtzvOaobBZVoQz1eYreXN8EjHHrQ0I1gl279ioXrQDUnQXtOz3VDQy12VmB25Maaryo-bZi5a757G4IVSDEPQdyzxYc80Acvcvu4GXrwr0CKP1SNYuKTLl6TtsSS1eh1PRC0s4i4m4AcVMLU7ClN4t0sVKqUjCeRllMNt_xsqnUqBUHMmc5n4i6ywWguI8S6v81KaQkEDAb1aVHAOiMBUSBu92KbuhwgZFzmO9znaaMBdX8va6t0nAc8YqZCmkkLT13EB8gPExuxU08Bw8GtYG52JpwvM0ALuruw0XSsXJIGbTcG0BAfGBu7ifjUOcTSql_iL_MW_VOPrHgfhzEISOqdbY9D-dl6w3INzXi21FdiG90ZzQUe-1g0YbVVK3YFPYIxsTLvyLk7_5MJ3wGO9WVdozEMfUiqvLzGXUjulxj8PA8BjxW_c_pb04mnc6XoWwMCPO9f42IowQhsalsrWLJRBvpmY3HHfrj2pGKHEn-YbB15510xvWMkae2d-b0Zg0-DrVMThCGOGYM_spLrrgEJ_Se8YR3BMl72vQWG1TibFs4d_w8oU6yIjkk3QLLRKgK0gEyfS01mNYfGLpBSbRTVUmFqzQKR48uALXfcOjynLGIiYuHGHzxRAPtlVvB0Wxr2VCj0SjZ3NCx5INMnPBxt-4nWvwDhihHex6ZIJSKRovpBZpoEPzC2fvvVNhnM87ZSSPcIhYTZve1jn99R0kBsFTpMd0gDbT9NTCExnLy__CCrpTiuMX7nKO6HvMTLbMnNcK0PJZV9V8P4E7z933H8Q6-kFbHpIOPCdmzHAMn-KULMWaQUv6NJ8FAih_3s5-58JHsJsyvuVVS-sl_u77pXPACbQszJWyts_kmdCujiq7FmEszp6jJR2GE0wnzZDhbof_JE-sLwFql6izs47nYYuJ7pbio_opM7BZsZil1cCeeHLFp9uBc2sWbs-p7F9vB6r8e_onPcWyeHfv3wp1IeoIAlM17E-5GEfW69YEWUaMpS1kRWXayEDiYMFuZIpxB5RuhvMTAtomcROMIzWIE2x7lQX6LyUtTJamNVU8in1mNO-V-l9B4Le9ggdFT9AoToH1dJQAF-h_Ioo389P6yY2Izm5e-biwjhrbV7nWVYnwM-I43_6Lk9aONsFUhOT7HEe4cFTfODS91w7E14e2Ttip94L6wKL3Wlcfrw8g5BfEAIvAIa0FEoGX0T9VuF-g3j1oOnG4&cid=CAQSPADICaaNwmBtxdujN0XMqTf7OG49QxjyDRvBEPrGOJdXr4nxYE6IUWWCA9t-lrvCWJfwHcZMoPo2XyJPjxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.hisour.com&ds=l&xdt=1&iif=1&cor=13928438389216592000&adk=1761367587&idt=65&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:21:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11960
x-xss-protection: 0
server: cafe
etag: 17132697034905592634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:21:54 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D7FF 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 06:26:22 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame D7FF 19 B
392 B 18ms
18ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=4861463&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9117077712236756%26output%3Dhtml%26h%3D280%26adk%3D2789094078%26adf%3D4094822056%26pi%3Dt.aa%7Ea.1819895376%7Erp.4%26w%3D347%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1699271250%26rafmt%3D1%26to%3Dqs%26pwprc%3D6532818214%26format%3D347x280%26url%3Dhttps%253A%252F%252Fwww.hisour.com%252Fde%252F%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699271250145%26bpp%3D1%26bdt%3D3354%26idt%3D1%26shv%3Dr20231101%26mjsv%3Dm202310310101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dec8559c5ad9479b8%253AT%253D1699271248%253ART%253D1699271248%253AS%253DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ%26gpic%3DUID%253D00000cb705e905ad%253AT%253D1699271248%253ART%253D1699271248%253AS%253DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg%26prev_fmts%3D0x0%252C1200x200%26nras%3D2%26correlator%3D8049627207339%26frm%3D20%26pv%3D1%26ga_vid%3D573301231.1699271249%26ga_sid%3D1699271249%26ga_hid%3D1699579485%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D626%26ady%3D2111%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079191%252C31079307%252C31079344%252C42532334%252C44804683%252C44807048%252C44807334%252C44807454%252C44807462%252C31078297%252C21065725%26oid%3D2%26psts%3DAOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM%26pvsid%3D1002118846463461%26tmod%3D213206995%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da%214%26btvi%3D2%26fsb%3D1%26xpc%3DIIhEXKr5sT%26p%3Dhttps%253A//www.hisour.com%26dtd%3D10&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-9117077712236756%26output%3Dhtml%26h%3D280%26adk%3D2789094078%26adf%3D4094822056%26pi%3Dt.aa%7Ea.1819895376%7Erp.4%26w%3D347%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1699271250%26rafmt%3D1%26to%3Dqs%26pwprc%3D6532818214%26format%3D347x280%26url%3Dhttps%253A%252F%252Fwww.hisour.com%252Fde%252F%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699271250145%26bpp%3D1%26bdt%3D3354%26idt%3D1%26shv%3Dr20231101%26mjsv%3Dm202310310101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dec8559c5ad9479b8%253AT%253D1699271248%253ART%253D1699271248%253AS%253DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ%26gpic%3DUID%253D00000cb705e905ad%253AT%253D1699271248%253ART%253D1699271248%253AS%253DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg%26prev_fmts%3D0x0%252C1200x200%26nras%3D2%26correlator%3D8049627207339%26frm%3D20%26pv%3D1%26ga_vid%3D573301231.1699271249%26ga_sid%3D1699271249%26ga_hid%3D1699579485%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D626%26ady%3D2111%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079191%252C31079307%252C31079344%252C42532334%252C44804683%252C44807048%252C44807334%252C44807454%252C44807462%252C31078297%252C21065725%26oid%3D2%26psts%3DAOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM%26pvsid%3D1002118846463461%26tmod%3D213206995%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da%214%26btvi%3D2%26fsb%3D1%26xpc%3DIIhEXKr5sT%26p%3Dhttps%253A//www.hisour.com%26dtd%3D10&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/119.0.6045.105%20Safari/537.36&os=17&browser=11&userid=0&kid=6122633&bid=18580041&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCs7jaUtJIZaOUC6W49u8Pm9CjMKKxw9NzpOzOxtkR97e%2Dz4gKEAEg8%2DS5HmCV4pCCoAegAff36YQpyAEJqQKj3BALkgGyPqgDAcgDm4SAgASqBPgBT9D9UBHOBNDuTWo9J6bC%2D%5Fxd4778d77%2DokuGxBAKdA%5F2Ssih1DqHxMv9BSNQruEr%2D%2DWwSQ0RzaSYIaurJ5TZb%5FHXDnNqY%2DjXZcrVQP1EYB%2Dnd0vjaSCqNRT7RrRnG5TDI1EFbjS1w3WSqZw%2DdkaPtTzhdZ5n82KxHp6Eqz5UoemXj1eluBULix4RhKY%5Fgt%5FcDFYMJmK8ksmfbTZWUSJ%2D%2D0vyVUebJXx25Z%2DYl2OMa0v6fRBxV%5FGGCMXTyRU66fhFePrZO%2DWmlIjXSqR0NshvpyYv6iAFal42rkpR76x8atLcTuGmljp1bOG2t1fi6qUWqIpbrrZmYGbABMvGgsnVBOAEA4gFmZ2Ggk2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERbATlPGWFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSPADICaaNwmBtxdujN0XMqTf7OG49QxjyDRvBEPrGOJdXr4nxYE6IUWWCA9t%2DlrvCWJfwHcZMoPo2XyJPjxgB%26sig%3DAOD64%5F0ll6l2ik8q%2D4%2Dshn3hNTeqrhMqXA%26client%3Dca%2Dpub%2D9117077712236756%26dbm%5Fc%3DAKAmf%2DDJvTA196buX3bdHAuibLt5cBIBftvHvKMzGc1jYWPuDNCLwzy1EUyWH9TORHhNXCKKO1FIEze5D2kMyd2Ww0MIH9sKxbVjKrTQczny6ev2Pwr4se1ACY3mjXHyWmswXBzozLTVzfqFXxJEIMC5IUGvWSg3ALXjPXZTNHB28%2D1jROKUjKE%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBrXJ090vUUJGcqpVcExf1mXH766WcwUbdcMNdEWCTLN9jlKTdKgbIawsX5tjoDyKpsQZX76Nqp8oyo4QQd2M09yvmopXfw6J4WDIkrOq1y5mfqqJOicb7uf32ItjjnQfbJlVfmgiLLj3wv2qh6QSoUUwYIpNBcATbtCQN5NfDrs%5Fibamu%2DYnP2uCr1n1lcby0CscVZANkhPqZj98eR5df5kvZOC0pFXuK7%5FsVNiO0vQLMGB3F%5FEUPuIfwqpOJBXclq%2DIogv83qU6yyVis5mpcJJu%2DqYzCFySNElIxsMQy4S4urT8CsVuy4cYrXKXXXSmr32ep8jBVL9Y%2Dnu%2DUlL0vq%2DIG7q9QSwEFRk%2DWIUM%2DcQ5MY%2D45LDOCpPT90zmhWeuD78puX32DsXy3zOKbNlZuMhTK19ykFL4%5FL8E%2DKPbiuxH6MKubQJMaWe3Txw%2DpaPwFhMdjn3dJkfZq4qoxVFmkz5DY%2DQgKsCYW%2D9QnHEjLEj08TSvUBDA8VgNp6uw4qLTPLxAbTqgFnVJGbvb6kqHXuasAH%2DmTkE77bQpikR3lHlDugqmA%26adurl%3D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4861463&kid=6122633&bid=18580041&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cs7jaUtJIZaOUC6W49u8Pm9CjMKKxw9NzpOzOxtkR97e-z4gKEAEg8-S5HmCV4pCCoAegAff36YQpyAEJqQKj3BALkgGyPqgDAcgDm4SAgASqBPgBT9D9UBHOBNDuTWo9J6bC-_xd4778d77-okuGxBAKdA_2Ssih1DqHxMv9BSNQruEr--WwSQ0RzaSYIaurJ5TZb_HXDnNqY-jXZcrVQP1EYB-nd0vjaSCqNRT7RrRnG5TDI1EFbjS1w3WSqZw-dkaPtTzhdZ5n82KxHp6Eqz5UoemXj1eluBULix4RhKY_gt_cDFYMJmK8ksmfbTZWUSJ--0vyVUebJXx25Z-Yl2OMa0v6fRBxV_GGCMXTyRU66fhFePrZO-WmlIjXSqR0NshvpyYv6iAFal42rkpR76x8atLcTuGmljp1bOG2t1fi6qUWqIpbrrZmYGbABMvGgsnVBOAEA4gFmZ2Ggk2QBgGgBk2AB_evuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERbATlPGWFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&num=1&cid=CAQSPADICaaNwmBtxdujN0XMqTf7OG49QxjyDRvBEPrGOJdXr4nxYE6IUWWCA9t-lrvCWJfwHcZMoPo2XyJPjxgB&sig=AOD64_0ll6l2ik8q-4-shn3hNTeqrhMqXA&client=ca-pub-9117077712236756&dbm_c=AKAmf-DJvTA196buX3bdHAuibLt5cBIBftvHvKMzGc1jYWPuDNCLwzy1EUyWH9TORHhNXCKKO1FIEze5D2kMyd2Ww0MIH9sKxbVjKrTQczny6ev2Pwr4se1ACY3mjXHyWmswXBzozLTVzfqFXxJEIMC5IUGvWSg3ALXjPXZTNHB28-1jROKUjKE&cry=1&dbm_d=AKAmf-BrXJ090vUUJGcqpVcExf1mXH766WcwUbdcMNdEWCTLN9jlKTdKgbIawsX5tjoDyKpsQZX76Nqp8oyo4QQd2M09yvmopXfw6J4WDIkrOq1y5mfqqJOicb7uf32ItjjnQfbJlVfmgiLLj3wv2qh6QSoUUwYIpNBcATbtCQN5NfDrs_ibamu-YnP2uCr1n1lcby0CscVZANkhPqZj98eR5df5kvZOC0pFXuK7_sVNiO0vQLMGB3F_EUPuIfwqpOJBXclq-Iogv83qU6yyVis5mpcJJu-qYzCFySNElIxsMQy4S4urT8CsVuy4cYrXKXXXSmr32ep8jBVL9Y-nu-UlL0vq-IG7q9QSwEFRk-WIUM-cQ5MY-45LDOCpPT90zmhWeuD78puX32DsXy3zOKbNlZuMhTK19ykFL4_L8E-KPbiuxH6MKubQJMaWe3Txw-paPwFhMdjn3dJkfZq4qoxVFmkz5DY-QgKsCYW-9QnHEjLEj08TSvUBDA8VgNp6uw4qLTPLxAbTqgFnVJGbvb6kqHXuasAH-mTkE77bQpikR3lHlDugqmA&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 12:47:31 +0100
server: ADITIONSERVER v1.0
etag: 7298314450085020007
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
content-length: 19
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 44E0 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:26:22 GMT
expires: Tue, 05 Nov 2024 06:26:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0798 1 KB
649 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Mon, 06 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D7FF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0351e32481ea7692cec8a34ec1d3c5ee6291bc8a2f0e68c24cf451b321f6663

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 44E0 38 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 10:25:44 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0798 35 B
463 B 27ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDYSNF-QkYu8LyZPGOGloog&google_cver=1&google_push=AXcoOmSduJObP-TdFkCTML4ZZWBVFJfKPxxbZsXXJR1lDh01mlYj8sQPXAViMvBARgwnhawF9XMQUWoczDYaRIjOPQVeN4pN3rLlL03B

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0798 0
104 B 69ms
22ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIMtZcbnb-mlJ4dG8zbRalo&google_cver=1&google_push=AXcoOmS4sVlT6h8qmAMLKyfQbZyGSmMC_8nykpNA-vyEQaPVPQ052ANKTNuOf-1mm6RiyGSmDO3hxlYPG8rxPXPffD2rWqXS5DlWTOk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0798
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDlGWGJZREYxUVpZNFA1&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&google_cver=1&google_push=AXcoOmRHtmcuOrYPiaQTIsS88LKGG7aUFk3woNtLRrLsNf3...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDlGWGJZREYxUVpZNFA1&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&google_cver=1&google_push=AXcoOmRHtmcuOrYPiaQTIsS88LKGG7aUFk3woNtLRrLsNf3AGqREIxqCNVxDHoSpwdhvo2Hw-cRjQt9V18iWEuEHpzUZaBy21MlAVGij

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 11:47:30 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-062149d55703cc53e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDlGWGJZREYxUVpZNFA1&google_gid=CAESEBZoEuoOqLj362rDIIVac8A&google_cver=1&google_push=AXcoOmRHtmcuOrYPiaQTIsS88LKGG7aUFk3woNtLRrLsNf3AGqREIxqCNVxDHoSpwdhvo2Hw-cRjQt9V18iWEuEHpzUZaBy21MlAVGij
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0798
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHEGFYk6uAE1HLGD-giiwFk&google_cver=1&google_push=AXcoOmRZSGFqHoWlm6NjCNtMEi2SEknQS0uTXaDkW2gBuxrRDE0OaF-6ZS7L4KjtgNw5JgcnwSdwJTZlWMY...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZSGFqHoWlm6NjCNtMEi2SEknQS0uTXaDkW2gBuxrRDE0OaF-6ZS7L4KjtgNw5JgcnwSdwJTZlWMYSL5w7V2zQIFGre1suwf6v&google_hm=yTSvUh4dS26yx_I_...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZSGFqHoWlm6NjCNtMEi2SEknQS0uTXaDkW2gBuxrRDE0OaF-6ZS7L4KjtgNw5JgcnwSdwJTZlWMYSL5w7V2zQIFGre1suwf6v&google_hm=yTSvUh4dS26yx_I_dvWY_IY

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZSGFqHoWlm6NjCNtMEi2SEknQS0uTXaDkW2gBuxrRDE0OaF-6ZS7L4KjtgNw5JgcnwSdwJTZlWMYSL5w7V2zQIFGre1suwf6v&google_hm=yTSvUh4dS26yx_I_dvWY_IY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0798 0
173 B 38ms
17ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOVoynl7OwvhaTbpFt8hGEE&google_cver=1&google_push=AXcoOmScXOxWeV1tm9Uc2MENGJKsKjTf1i1uLqzWSpNy3jNxCj79RnOS3Ex4rYWtJ9lV6br6B68xNQ4kQVVEvvIIT2tF_sXBqSvB9Nr_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 0798 43 B
146 B 38ms
12ms Image
image/gif 18.196.230.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL9S69rp7iOyuvvdsiqZyXQ&google_cver=1&google_push=AXcoOmSU3PHFR-tupeK0LQF1Ou43HWxj8bJQMF-p-BTNd1vuvgSRGy8J2jhCo8In5ETYEb4A_DYFHzAMPMIXg579ehGLTJ9JVxVDWubp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9117077712236756&output=html&h=280&adk=2789094078&adf=4094822056&pi=t.aa~a.1819895376~rp.4&w=347&fwrn=1&fwrnh=100&lmt=1699271250&rafmt=1&to=qs&pwprc=6532818214&format=347x280&url=https%3A%2F%2Fwww.hisour.com%2Fde%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699271250145&bpp=1&bdt=3354&idt=1&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec8559c5ad9479b8%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ&gpic=UID%3D00000cb705e905ad%3AT%3D1699271248%3ART%3D1699271248%3AS%3DALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg&prev_fmts=0x0%2C1200x200&nras=2&correlator=8049627207339&frm=20&pv=1&ga_vid=573301231.1699271249&ga_sid=1699271249&ga_hid=1699579485&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=626&ady=2111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079191%2C31079307%2C31079344%2C42532334%2C44804683%2C44807048%2C44807334%2C44807454%2C44807462%2C31078297%2C21065725&oid=2&psts=AOrYGsn86C-xRY4m2xSi0lJlC00ZTFXGXML7EqbHpgFJUyaSwGkPMNBiQrSdwEMyRnC1S6EWET9IgF1tYPN64x7qiMRWxXHM&pvsid=1002118846463461&tmod=213206995&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IIhEXKr5sT&p=https%3A//www.hisour.com&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0798
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGfGJOaqK9oZZotcf-_jHaw&google_cver=1&google_push=AXcoOmSj_tZXE2fRFWUHtg6fNzsnb-tTEHni-sCHyYQxoI1jQddkTiZy_cwDXOISPlVDYgFYbczfXaoPAu-dt3NxI-5K477...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj_tZXE2fRFWUHtg6fNzsnb-tTEHni-sCHyYQxoI1jQddkTiZy_cwDXOISPlVDYgFYbczfXaoPAu-dt3NxI-5K477mq7vowXCZ&google_hm=eS1jc1JldzJCRTJwRm...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj_tZXE2fRFWUHtg6fNzsnb-tTEHni-sCHyYQxoI1jQddkTiZy_cwDXOISPlVDYgFYbczfXaoPAu-dt3NxI-5K477mq7vowXCZ&google_hm=eS1jc1JldzJCRTJwRmh5NzZFeDVRSm5NYWM4N1RpVG5wZX5B

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Nov 2023 11:47:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSj_tZXE2fRFWUHtg6fNzsnb-tTEHni-sCHyYQxoI1jQddkTiZy_cwDXOISPlVDYgFYbczfXaoPAu-dt3NxI-5K477mq7vowXCZ&google_hm=eS1jc1JldzJCRTJwRmh5NzZFeDVRSm5NYWM4N1RpVG5wZX5B
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0798 0
12 B 18ms
17ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXJDRAMZGoJAAJ-cbX8iLK2T2fK5ZUid9LM4GfLb0I3okkZnABxMnkgxTVVDF8tpWFLcYz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:47:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 44E0 0
23 B 45ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByieIU9JIZejvDo3g7gPchKLIAwAAAAA4AeAEAg&bg=!lJell9jNAAb4oU7C2KE7ADQBe5WfOKpsYsAg-MZllfCWv4yE4pZJwEd3UFXc3y7Gt5o6DTegXpE2nOcszUQ_rDLmk_EtAgAAAFNSAAAAGWgBB5kDTnFEt2Eit_BiWywu5089CumzDdOpQgX-7NoqHDG2HmFKse6-4bGxp24INr3G4Az3CHCbzElpAY8m032acdMqHRnsAs3AThwA-3wOFF3GpDGvDr4WjYj9ktsZafzcrp05xIrn81seb50cMUvhvp1huEfpmkHaWjqd-8AweyXmFKWizMdMRG2maEbYBI4s2cIXTLgLbe7qqDXQBn1uJ7LOo1tVgJ2AOTQCqQr2okdyTXXqrc9ysA9v50AzR5_IUpWE3tLUKCV64Y2bxXWncC7XcKftVGzTmr14MmxnqqDm7dEujaKSXW7JnVkWHv0ir_kZkIK6zD_bbSzmKKKUFH-atvx-lEw6VcfbMQl2_BQd7RHaoXDCWKurFVQxJEMgo2_MkhjIK8ET1nhxJ6kDAEuVlyKbivXC5pM7os6vKVOBv9op9OWhXbGomRiez_4-cgv-axv1InjEXf0PZ9hEoyV0RiyremmLbT1XeAQL1XLyBkoRTU-95U-4ZxAnpQ3XYjMFUaUKk8akwSPKtSStRO183EYUfdaXFkjacc8rQe3F5vkCKWNDXwW9pd3fzlYEpyS0gWQs6g_7JObdHzweAJlqwl_ad4fMLFPcVdNGLvURT2AzCGbknTHqZD2kfOmcMPJQGRP5l3EBcczCPdD__9Sv1dmj2Hq5JayNvWN88YiP7K9nlt2t3i1EYlH9tt8ZZhXZUt-SmzGA6-SMNuLFW-7-C0pbVDnwqo6a4jcON0lbEx2Z1qBLXoL9E4A1SZpK-qjV8K-aC8Z0iEx-T3KsXYF32MFt5pMejCIFLhM3IZhymByqsdFTXHLy5TyXUhqbTYGUw8Bk5oyboXMiH7j877MSAQ0c29HtA36HoXMbqy9y-mt9fv3hXiChn4xutKvYNAdkcEjVoq93UA_F7alr1YEZMTeomk7jaaWYhKXC_9oCrxvh6s4U54qx2HLwEXvUvdxHOQK3NtnOqJ14Hw6oC80LcEEun5ATCSwYepRYnufWw8lShI5gt7uZcAsbjOPYkN2C78pHSQ4wA0tvBKrC9eFJZbwF3trUsUS5NpNL2JQn_gnga-jTFEZs58hhSTVbhjnZNIe9puhaVPMgt0FR9IrVCbPSfRUhSH152JtrJzI24A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C12 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuv29-kESe3iAfzWlQn0Q9lKjCLGoK2C00RBtOrIObiI5iMCwNRlWGyGkx6ocYkbsZa8q8-nBdSmjJL1OYYrcHxvvZypCJYLW7pFaFVH49OaojNvZUE8kVS-oboKJ01owJ2Er174h1tm_ys&sai=AMfl-YSkcgHGFqwaBsV9d1pBAIW04f1FZDC0EqPpu_0pCCW6_yvO1LTQ82km3WYV0MC0ienlFDcRIW66FD5BGhGAkQNFfG1eKgFe3kkHythpdmj4QhQYtlV8ewJFlbthY_GOpJBsBMBm6kIizrnZcg&sig=Cg0ArKJSzFBNKSOePhYcEAE&cid=CAQSTADICaaNXQztibICwqR071PwtYsNHDDOtHF73XBJJMkamq2u2RYcUBBdmW2s2E34pSQuCXEWsqcuvQmXP4Rq_7gf4xr5jF7itQhjv6wYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=479,895,1000,1000,1000&tos=479,416,105,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699271250316&rpt=389&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C12 0
23 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9414172927716&version=m202309260101&ct=119&x=1&cor=16069596630052547000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7FF 0
25 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=731437351782&version=m202309260101&ct=77&x=1&cor=13928438389216592000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 11:47:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hisour.com/	1970-01-21 00:48:13	Name: qtrans_front_language Value: de
.hisour.com/	1970-01-21 01:37:11	Name: _ga Value: GA1.2.573301231.1699271249
.hisour.com/	1970-01-20 16:02:37	Name: _gid Value: GA1.2.1352483069.1699271249
.hisour.com/	1970-01-20 16:01:11	Name: _gat_gtag_UA_91765513_1 Value: 1
.hisour.com/	1970-01-21 01:22:47	Name: __gads Value: ID=ec8559c5ad9479b8:T=1699271248:RT=1699271248:S=ALNI_MawwhmnYnhAEZuPajTzWqHe0KUSCQ
.hisour.com/	1970-01-21 01:22:47	Name: __gpi Value: UID=00000cb705e905ad:T=1699271248:RT=1699271248:S=ALNI_Mbl-velIZweqt2fvmWcaqa5a6-jbg
.doubleclick.net/	1970-01-21 01:22:47	Name: IDE Value: AHWqTUk5Qdl6ct-8OVsCSG_1hEL-0B0iBoZUFQAdIhxC-9sXfxOIfIGpqZRFaMA5Z5U
.googleadservices.com/	1970-01-20 18:10:47	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 00:46:47	Name: CMID Value: ZUjSUrRTaaWBPXPwNrfWrAAA
.casalemedia.com/	1970-01-20 18:10:47	Name: CMPS Value: 5272
.casalemedia.com/	1970-01-20 18:10:47	Name: CMPRO Value: 5272
.adnxs.com/	1970-01-20 18:10:47	Name: uuid2 Value: 2694922599598616925
.doubleclick.net/	1970-01-20 20:20:23	Name: APC Value: AfxxVi5VYqGDwl2EZuwInLj6row4orLYbV2QjyN7Qi9_7UDq_UDHEA
.adnxs.com/	1970-01-20 18:10:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVKoOY6y!]tbPl1M>e)ZlrFUfJ+tGXxo]Va.^)HJM'$_cJqxL!:4^UvSWV`dWchQh`2X3If)y3KL9D3I?+Mt.qw^
.adfarm1.adition.com/	1970-01-20 18:10:47	Name: UserID1 Value: 7298314450083646220
.hisour.com/	1970-01-21 01:37:11	Name: _ga_FV4EM50KJW Value: GS1.1.1699271248.1.0.1699271251.57.0.0
.quantserve.com/	1970-01-20 18:10:47	Name: d Value: EBwBCQGuKoEA
.quantserve.com/	1970-01-21 01:31:25	Name: mc Value: 6548d253-5cacf-30c7d-a4d26
.blismedia.com/	1970-01-21 00:46:51	Name: b Value: 6548D253000C0BF442483E74BLIS
.w55c.net/	1970-01-21 01:31:25	Name: wfivefivec Value: L9FXbYDF1QZY4P5
.ctnsnet.com/	1970-01-21 00:46:47	Name: gid_CAESEHEGFYk6uAE1HLGD-giiwFk Value: 1
.ctnsnet.com/	1970-01-21 00:46:47	Name: cid_c934af521e1d4b6eb2c7f23f76f598fc Value: 1
.w55c.net/	1970-01-20 16:44:23	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-21 00:47:08	Name: A3 Value: d=AQABBFPSSGUCEGhaiJ4dh-P_pAOh_gqi0rUFEgEBAQEjSmVSZQAAAAAA_eMAAA&S=AQAAAg12iu0Tm0b1cdpJBbEwEiI

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://code.createjs.com/1.0.0/createjs.min.js(Line 14) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4.adfarm1.adition.com
cdn.hisour.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
data00.adlooxtracking.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imagesrv.adition.com
j.adlooxtracking.com
p4-a44qi6wdyzb7o-uz4o74p2bmrxok4v-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
s0.2mdn.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
us-u.openx.net
wiz.sncf-connect.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hisour.com
x.bidswitch.net
104.18.36.155
142.250.185.66
142.250.185.98
142.250.186.34
142.250.186.99
18.159.56.100
18.196.230.223
185.89.211.84
2.18.161.51
2001:4860:4802:34::36
217.79.188.46
217.79.188.59
2606:4700:10::ac43:2415
2606:4700:3108::ac42:2909
2606:4700::6810:3965
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9b
2a02:26f0:3100::1735:2a09
2a02:fa8:8806:20::2010
2a05:d018:d29:3602:abeb:a582:6f70:20cf
34.96.105.8
35.181.109.179
35.186.193.173
35.241.31.249
35.244.159.8
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
02f06bf780cba89e2c02a577c066962825a23f6d05b0ff22ea98ca3f72c3153b
04c1dbd9fdf4db5c620640239e8cfd67c6792a2bcb15fb1500906ec89284b1d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc64aae2364f1ba696128e5612af020bf7b193c2438f55c08837012a2e52350
0ddf527b6f51467e3acbc4f5a2991d0f5c3bb4ee5779ea9dde4abbf75def49bc
0faf9792b19f818ffaca27289143311ce356a4ca088c1ce4cbc8e4788c9e1059
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
1332f8ba79adf043af79c8fe59c3428b23ba671619b3f6e8725427faf69d7734
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1dd653c5c9e1077da9470c21b44726c24dc87374234349a259a40fab940b8acf
1e360a5f70f12b14412dfdb55c10519a767cd4bac66d826e7210ab93f0ae5883
254c7fa50c03107d5c23a44e09b486e7e10e5fffc12861c747789574eee567f3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
314abf25f933e6804ffc5bc9c26d259c89bc4c0e756ac427ca620f0897e685c4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e82ff332d2a2410a29d090b99521a4b2fdc40402030d71de31155cbb06a214
363605aea40f3c417bdfa9b4e42fe8716459aef61dcbd89b1c9899715ced353a
3656914ba10dfc09f2642bebeb64b58bca12b5463f6915bc2fe07edec2fb3069
3dc036cd29ad156ea9052b3e4eeafc1ebb011845071d0bc7998fc376a212903e
3e5644e0a0323037631f8f5deef65893d9b6d2e9f48c6c38893359b9df827151
3f205a2d1143f39e7e649fccac0d7c382337ee7ae51a08217919df49c73df42f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
439db95fd72eacf019f9a0cd934c5cd77866206f7e50ed358b3322a0260d96a9
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
46b6c91573609abb8523333ce9a41198badfb4b19836a35af34212ba5c378524
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47ea6741a38fa65f5c8fe48ec0fce888a4b905074074e91b6defc6385ae9f7e4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d02aa22bd03377d2c668f127b8be3f1820a6eb8fe5cfaff6177d77dcddc1fc7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5319dae27a83a503b2917f911d2b32d8adebba5a26c24b90c4c15aee9da62c82
544d80cacea9632d00244110759db1c0c03bb098b30b0430be1173b94bc200fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5497904bfb31fc9e43d667d561313f829b8c3493b4676ce8897098be4190bdc6
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5633605e5166b9291ca6bdc19356087ab88766192cc2b945fa5637e552eb990e
5b65b73036444906730fc7890d014614219a334452663f6c9021378a48839090
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5dc36589cbbc4f7c633dc5d9c87c959c8c46f54f95711d93eb0795d8a9ab37c1
5e082738b17367c84be7a89ca3ec510c5f546573a71207520328865673c2cf7b
611a26873d7f9c2d0376a4a1032aff66fda09cd110ab128e7472ac7d877ae258
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
62e858b16bd3efd00215023e3eb70f250ab4bed874c645f03cc65026d1f1e40c
65f5a4e70b52eea759f786f00a1b90b3f5c3d815c290233b37e40f953d50fe67
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67a1cded4551f3d929547bd98957e3831aa55ce6c996cd0809e9efecee5551c8
6a958533d964442936123c47f5632497839769cbe175a6c69b7b13d8842104a0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6e5aafa9413c826ddcd03d1e36a6346ef1f4589780fa9a22344c8b7a34a2b2a1
6f918e479d2fa725ae3b5b278363ad28e31c811573c4d7744f7628fbec56d51b
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
742961c43f0cef62997bf56bbffa6f9a45489bc9a22e29764d8a065d9e173763
74458416cb45a2fa485021ca3e505eb8b3d7bda4cf1ec845cd73dacd499d3b00
74a97b2700a6130627b841ee072c236c66203dfaf843fe39fce0c4a1a934937f
7600b0f12c27ee38d18e5e84961e8c8677983ae1dab78d7f941798b0ad7b62e5
78ba808bca2eafa660111346057a7463275682210957ae36bba116c3a032d9d5
78cba0d68a87a8db2d5fd6b38d222ab74c4af7a11fe8c716dee390ec0582aecd
7ac62ecc4e8c94018c3b75bfec4ba75aff220dd7b1fdeac39bdf061bae14313d
7d4f521f9efb052857ef025558150b0f7eadf45bc8ca89954bd1b4415d7886ab
83ffed47970b9fbdd921d33175927e9d12d3f8a1204d99396dc783aac1fc3e1c
855c23e1b8239c7413fee2e2dfa38086b30690049e9c06cf2456241e72f93f52
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8826baf0a0edb248cb1473ea888916cf5d3180eaad9b2b951db45f1c97d3a1dc
88e963204c9a9c5bb9af3ab198d2ed386e20fd1ea8e9dd796517876a5e32c0c7
8afa801080bab1b3ae3c19757251ab57cad9a0634e7a6db6d285a99b0777df45
913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969
949928fed514092835ce57a89b81cd4906f85933b4608224ef0c4a2ba5278698
95c95cdac1b6a25cca521cd75f40cc0c3f8fd513ae8200a6ca20668c3ae9a480
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ac8e4c6f4896550f0d43c35b9d8019b7854ef4e337cf506fb506171ffc7d68
a2310b9b92cc257637ae2fff98956e17ec5900b37621e5f206b71ccccb377af5
a233513e6b3b1ef852c1e1b1c400512396a64590da1172b059d10d53918b1d58
a30cb09f2bf010912cfa0e54ad47c55625240555e8b0044c84564d37c942675d
a428141a428fa50ce0d42de8208307d1489385b993591adf600851a0058b0da7
a5922a9ca8463ac2876bef52bf1a3fa41d5356490d48c0bb4d528d00b1230a43
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab37b8511813ad673f9e55e276b7a99cab2f361baef6141a743afc4ebeca42af
ab6f8af5b7669c91529497e3587bb0f15ad6c8f10bb7852c30ea5ddd92c66e32
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acc91ff0aab7cc4fdccfbd515b3c8b953e1b2d88267bebb987305c63efa70eff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21b198a4539477c89962b670b818f48560864739f51927aff6a907612a6a56a
b50de94ad78217d38910399b08162ee055daa1da04067f55a0f7ad88fd864e73
c09c268fe502e6f49cac76a39cb8d554b40ef5a7ae4dd021248ca370d97e054b
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
ca3fa9ce3de18ec1216ec54e4573eafab6d07a5303b0f98e7549956db737ae1b
ca4f29bb6efa578deb6693734c0a2c061b2211f023d146f486238fafe8a58108
ca63f761f1ebcd4720943bafde105a2785570e94dfb29b1497970252be51b9ee
cc27a90f76f4d4c938c4350480c63594cff8ee97e1c1c6c2e41310f8fd58a182
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd8e9c60c4e8e3cfd680e89ab5b9fd1ee971a33d0660c08d96f2b551dd169d04
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d0351e32481ea7692cec8a34ec1d3c5ee6291bc8a2f0e68c24cf451b321f6663
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d5cb8150c0a4f297e5a53a820b83f8b65277a9f872c30d9c823bbeb6ddf644ff
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
dd0b106f55a382ef08c1a8f6f4532cec76a81ce1ab690c5a31ee5b1070c995e4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00d7104cd10f71aee152a4cc66d07bd97d93f460016ce7443738f6d74072dd0
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4f0e60f0eac484185763cb71b42c3157427ed4b26aff7bc67018e5fc85ab1f6
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e698a95c8f484d7a039c4911762cdafd2836297d724c291c8d9f1e7a5ba570ba
e82c4ce7b9a82408925cd09fe87b7df6062fef591442743906380d536f3c0fca
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee7b9a2ab9a6f021e6edf72b4773551de5b0042b88fb23e1be8a1b7cccd5d441
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b8f80305afe8feb7bc1c8a8537ccc18737c5083f7c209b3c40410d02180733
f80cf07a16232db71901a60aee87bd82a695eb5f55b139806c55b712c3ed4a87
faaeeefaf71d4299bf4570493688c93be4a663d01554fcd04bd8a267bc0f825d
fb7d974faaacf1ce3461526535a8b1d3ffe59d69d928f9b6477f5cc5d5c24d66
ffa8e929d8f6712210afc525149d48b2fd4efa5d1d3fbf15ceb4700c32df3a7f

www.hisour.com Open in urlscan Pro 2606:4700:3108::ac42:2909 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

94 %HTTPS

60 %IPv6

28 Domains

43 Subdomains

38 IPs

6 Countries

4891 kBTransfer

8753 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hisour.com Open in urlscan Pro
2606:4700:3108::ac42:2909 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

94 %
HTTPS

60 %
IPv6

28
Domains

43
Subdomains

38
IPs

6
Countries

4891 kB
Transfer

8753 kB
Size

24
Cookies

200 HTTP transactions
3 data transactions