www.emergencyemail.org Open in urlscan Pro
52.117.149.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Submission: On August 20 via manual (August 20th 2021, 2:19:49 pm UTC) from US

Summary HTTP 93 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 17 domains to perform 93 HTTP transactions. The main IP is 52.117.149.22, located in United States and belongs to SOFTLAYER, US. The main domain is www.emergencyemail.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 11th 2020. Valid for: a year.

This is the only time www.emergencyemail.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	52.117.149.22 52.117.149.22	36351 (SOFTLAYER) (SOFTLAYER)
11	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ad::1917	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.214.237.192 3.214.237.192	14618 (AMAZON-AES) (AMAZON-AES)
4	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:5600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	143.204.98.65 143.204.98.65	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.53 13.224.96.53	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
93	22

6 52.117.149.22 (United States)

ASN36351 (SOFTLAYER, US)
PTR: server1.emergencyemail.org

www.emergencyemail.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ad::1917 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

radar.weather.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.237.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-237-192.compute-1.amazonaws.com

web.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:5600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net

static-cdn.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-53.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	432 KB
12	doubleclick.net googleads.g.doubleclick.net	88 KB
8	google.com 2 redirects adservice.google.com www.google.com	2 KB
7	adblade.com web.adblade.com static-cdn.adblade.com	57 KB
6	emergencyemail.org www.emergencyemail.org	54 KB
4	quantserve.com edge.quantserve.com pixel.quantserve.com secure.quantserve.com	18 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	google.de adservice.google.de www.google.de	2 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
2	quantcount.com rules.quantcount.com	865 B
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	18 KB
1	2mdn.net s0.2mdn.net	24 KB
1	exactag.com m.exactag.com	1 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	scorecardresearch.com sb.scorecardresearch.com	1 KB
1	weather.gov radar.weather.gov	381 KB
93	17

	Domain	Requested by
28	tpc.googlesyndication.com	www.emergencyemail.org googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com www.emergencyemail.org googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.emergencyemail.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.google.com	2 redirects www.emergencyemail.org googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.emergencyemail.org	www.emergencyemail.org
5	static-cdn.adblade.com	web.adblade.com www.emergencyemail.org
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	pixel.quantserve.com	www.emergencyemail.org
2	ssl.google-analytics.com	www.emergencyemail.org
2	rules.quantcount.com	edge.quantserve.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	web.adblade.com	www.emergencyemail.org web.adblade.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	m.exactag.com	www.emergencyemail.org
1	fonts.googleapis.com	tpc.googlesyndication.com
1	sb.scorecardresearch.com	web.adblade.com
1	secure.quantserve.com	web.adblade.com
1	www.google.de	www.emergencyemail.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.emergencyemail.org
1	edge.quantserve.com	www.emergencyemail.org
1	radar.weather.gov	www.emergencyemail.org
93	24

This site contains links to these domains. Also see Links.

Domain
www.adblade.com
www.trucs-et-astuces.co

Subject Issuer	Validity	Valid
www.emergencyemail.org Sectigo RSA Domain Validation Secure Server CA	`2020-12-11` - `2021-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
weather.gov DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-19` - `2021-10-16`	a year	crt.sh
adblade.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Frame ID: 8AAF790B578FA2DA12241BB809DFBE1C
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 79A4D801EF516F42CA016429AEF3961D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&adk=1812271804&adf=3025194257&lmt=1629469170&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170414&bpp=3&bdt=87&idt=75&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7290652016940&frm=20&pv=2&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89
Frame ID: 7D227AFD564AA47E9FC25BEC0F9C0DCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=7319163582&adk=947911551&adf=3846147594&pi=t.ma~as.7319163582&w=366&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=366x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170417&bpp=2&bdt=90&idt=93&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaaj7bi9G9&p=https%3A//www.emergencyemail.org&dtd=101
Frame ID: 4AB247C19A4188C4E88C0BF5D326B005
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7
Frame ID: D0AE0DB613737D09A6C0C81A1D0EFAB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2
Frame ID: D18CD1950A7231B1204002A087D5819A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html
Frame ID: DF28876496722A83862DA6C0B9B3874E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Co7au8rkfYbLvJeuT7_UPm4eT8A3U5OTPZLX6sc-UDvu17tz3KBABIL349AJglQKgAe3Rx70DyAEJqAMByANIqgSNAk_QO_B97tWNcGlFcbQMUKKDKOSnWuIKdt770pWBIEzpiGo6qNyhyhhLp4FGyH_gIYcWmHUzF5KXIzmCK0o7eGhgcTeDHhMHTH-LaV_zz8vak4jlQicqHBcYtAWJWbwD4n6KHyMUmZ0PAmmEWVIUiJVBv5QnhlF9F493BHgj6CSE_PkY8XQM1vJz91onRynCrKViUXCksZKtOhm0-x1zpkgrlfmav-WRWeqnCJyvFkkHJs5gDjsvRxrFmY17ag7Bm6dGnsW1txGjfRpekSD6X9HiUd3EK15EbFbXHriL0P7JcBgH1EsCgUzWD-Sp2DKEvlOUY6aJw6ZfGpKhusmYwfD7_s8kQQ0VIkdwL3suwATvgtCW4AOSBQQIBBgBkgUECAUYBKAGLoAHlezdGagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRCTsPcB0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTEwNzY5ODc4NjU1NzIwMTMYAA&sigh=LFHIYkwuKQ4&template_id=419
Frame ID: C851C372D3BB40F7589A1ECEFDD6A962
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 37CF73AEFAB3AA7E3848C8A8D44C1211
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html
Frame ID: C96C27E04D4D848AA66C732CCB21EC67
Requests: 19 HTTP requests in this frame

Frame: https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=13810339821&extCr=123972157425-532180687678&cb=1848788811
Frame ID: EDECCE417442E94EDD2CD3B80A2DCDFE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E92B5D215384E7BC9DFB63D9479725EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5E51D4909E6694F615F0533FF80767E6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26DF94BE9C934FE13B7F87E2D36241A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weather Radar

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

93
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

24
Subdomains

22
IPs

2
Countries

1231 kB
Transfer

2465 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.adblade.com/
Title: Ads by Adblade

Search URL Search Domain Scan URL

URL: https://www.trucs-et-astuces.co/sante/conseils-eviter-lunettes-s-embuent-masque/?utm_campaign=FRAFoggyGlassDEC&utm_source=AdBlade&utm_medium=native&utm_term=[EncodedAdbladeTracker]
Title:

Search URL Search Domain Scan URL

URL: https://www.trucs-et-astuces.co/maison-et-jardin/maison-voyez-linterieur3/?utm_campaign=FRAOmahuisDec&utm_source=AdBlade&utm_medium=native&utm_term=[EncodedAdbladeTracker]
Title:

Search URL Search Domain Scan URL

URL: https://www.trucs-et-astuces.co/maison-et-jardin/les-chats-jargin/?utm_campaign=FRATuinkatNov&utm_source=AdBlade&utm_medium=native&utm_term=[EncodedAdbladeTracker]
Title:

Search URL Search Domain Scan URL

URL: https://www.trucs-et-astuces.co/nettoyage/feuille-daluminium-pieds/?utm_campaign=FRAAluvoetnov&utm_source=AdBlade&utm_medium=native&utm_term=[EncodedAdbladeTracker]
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

93 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request weathergetWANG1.asp Show response
www.emergencyemail.org/ 15 KB
15 KB 462ms
144ms Document
text/html 52.117.149.22
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.117.149.22 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server1.emergencyemail.org
Software: Microsoft-IIS/10.0 /
Resource Hash: 879c1d7f2c63e2496878c60dba3f8920bd4736ecf68f3230c22fa4560e0c84ef

Request headers

:method: GET
:authority: www.emergencyemail.org
:scheme: https
:path: /weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: private
content-type: text/html
server: Microsoft-IIS/10.0
date: Fri, 20 Aug 2021 14:19:30 GMT
content-length: 15520

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49909
x-xss-protection: 0
server: cafe
etag: 7723420151934129076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 14:19:30 GMT

GET
H2 200 Header%20Eagle%20Banner%20468%20by%2060.gif
www.emergencyemail.org/images/ 32 KB
32 KB 145ms
144ms Image
image/gif 52.117.149.22
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.emergencyemail.org/images/Header%20Eagle%20Banner%20468%20by%2060.gif
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.117.149.22 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server1.emergencyemail.org
Software: Microsoft-IIS/10.0 /
Resource Hash: 1884558588b5b7d9b06e9e42e0071de8d11c028dfb33057588d792beee0320e6

Request headers

:path: /images/Header%20Eagle%20Banner%20468%20by%2060.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.emergencyemail.org
referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
last-modified: Thu, 04 Aug 2011 19:43:17 GMT
server: Microsoft-IIS/10.0
etag: "ceeadac1de52cc1:0"
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 33109

GET
H2 200 KLIX_loop.gif
radar.weather.gov/ridge/lite/ 380 KB
381 KB 120ms
33ms Image
image/gif 2a02:26f0:6c00:2ad::1917
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://radar.weather.gov/ridge/lite/KLIX_loop.gif

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ad::1917 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

0af0315bb903172264235944e0a3e750dd12776007c173e9decd3a7b41f40fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
last-modified: Fri, 20 Aug 2021 14:15:07 GMT
server: nginx/1.20.1
etag: "611fb8eb-5ef92"
strict-transport-security: max-age=31536000 ; preload
content-type: image/gif
cache-control: max-age=1
accept-ranges: bytes
content-length: 389010
expires: Fri, 20 Aug 2021 14:19:31 GMT

GET
H2 200 xlaabsolutenmALERTS.asp Show response
www.emergencyemail.org/newsemergency/ 2 KB
2 KB 258ms
256ms Script
text/html 52.117.149.22
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emergencyemail.org/newsemergency/xlaabsolutenmALERTS.asp?z=1&h=4
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.117.149.22 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server1.emergencyemail.org
Software: Microsoft-IIS/10.0 /
Resource Hash: 2257ff6d7b4521cbd33a8cc421770eb281be2facce2fe4fe56e893ab9af14155

Request headers

:path: /newsemergency/xlaabsolutenmALERTS.asp?z=1&h=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.emergencyemail.org
referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
cache-control: Public
expires: Fri, 20 Aug 2021 14:29:31 GMT
server: Microsoft-IIS/10.0
content-length: 2318
content-type: text/html

GET
H2 200 xlaabsolutenmALERTS.asp Show response
www.emergencyemail.org/newsemergency/ 2 KB
2 KB 150ms
148ms Script
text/html 52.117.149.22
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emergencyemail.org/newsemergency/xlaabsolutenmALERTS.asp?z=58&h=4
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.117.149.22 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server1.emergencyemail.org
Software: Microsoft-IIS/10.0 /
Resource Hash: 68866e8e15e3f8ad89d46e38e8c7b865981bd29afb82c7fd219dea9503fa1b94

Request headers

:path: /newsemergency/xlaabsolutenmALERTS.asp?z=58&h=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.emergencyemail.org
referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
cache-control: Public
expires: Fri, 20 Aug 2021 14:29:31 GMT
server: Microsoft-IIS/10.0
content-length: 1982
content-type: text/html

GET
H2 200 xlaabsolutenmALERTS.asp Show response
www.emergencyemail.org/newsemergency/ 2 KB
2 KB 257ms
256ms Script
text/html 52.117.149.22
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emergencyemail.org/newsemergency/xlaabsolutenmALERTS.asp?z=63&h=4
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.117.149.22 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server1.emergencyemail.org
Software: Microsoft-IIS/10.0 /
Resource Hash: ded711c7e959de2a9cba2f3b7572f971ce13c0e2facda70095372619eefde62a

Request headers

:path: /newsemergency/xlaabsolutenmALERTS.asp?z=63&h=4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.emergencyemail.org
referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
cache-control: Public
expires: Fri, 20 Aug 2021 14:29:31 GMT
server: Microsoft-IIS/10.0
content-length: 1930
content-type: text/html

GET
H2 200 show.js Show response
web.adblade.com/js/ads/async/ 18 KB
6 KB 310ms
103ms Script
application/javascript 3.214.237.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://web.adblade.com/js/ads/async/show.js
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.237.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-237-192.compute-1.amazonaws.com
Software: /
Resource Hash: 9aef70180fe03c0e3476f58e74f59652630384b8082b7b0f62a86b8802757ec3

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
content-type: application/javascript; charset=UTF-8

GET
H2 200 quant.js Show response
edge.quantserve.com/ 24 KB
9 KB 25ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 27 Aug 2021 14:19:30 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 45ms
44ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d08e09c268f409b78b36499f3fc723aa7b8937adf935093b4175756365bcd196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17314
x-xss-protection: 0
server: cafe
etag: 17909373534660482497
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 14:19:30 GMT

GET
H2 200 headerbackgroundnew.gif
www.emergencyemail.org/images/ 401 B
479 B 252ms
252ms Image
image/gif 52.117.149.22
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.emergencyemail.org/images/headerbackgroundnew.gif
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.117.149.22 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server1.emergencyemail.org
Software: Microsoft-IIS/10.0 /
Resource Hash: 07aa94791917b7582e05d2ecff2c0644115623907e3b95e0cd338842827eb646

Request headers

:path: /images/headerbackgroundnew.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.emergencyemail.org
referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
last-modified: Thu, 04 Aug 2011 20:59:00 GMT
server: Microsoft-IIS/10.0
etag: "1ec7c455e952cc1:0"
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 401

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 252 KB
93 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1076987865572013&plah=www.emergencyemail.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 16230733116024533272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 14:19:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 79A4 10 KB
5 KB 24ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emergencyemail.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.emergencyemail.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 20:32:15 GMT
expires: Thu, 02 Sep 2021 20:32:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 64035
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
663 B 101ms
37ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.emergencyemail.org&callback=_gfp_s_&client=ca-pub-1076987865572013

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1076987865572013&plah=www.emergencyemail.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

323ce4920b8fd78df07c1c477132879621ea5c2c778414e05b5020688b717ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 38ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.emergencyemail.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 39ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.emergencyemail.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D22 5 KB
666 B 91ms
88ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&adk=1812271804&adf=3025194257&lmt=1629469170&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170414&bpp=3&bdt=87&idt=75&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7290652016940&frm=20&pv=2&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7afaaa69d037331a0ec0e663d0c4d830a898de9cbfd89065289b51d9003b382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1076987865572013&output=html&adk=1812271804&adf=3025194257&lmt=1629469170&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170414&bpp=3&bdt=87&idt=75&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7290652016940&frm=20&pv=2&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emergencyemail.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.emergencyemail.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Aug 2021 14:19:30 GMT
server: cafe
content-length: 643
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 14:34:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 14:19:30 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Fri, 20 Aug 2021 14:19:30 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4AB2 436 B
235 B 555ms
554ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=7319163582&adk=947911551&adf=3846147594&pi=t.ma~as.7319163582&w=366&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=366x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170417&bpp=2&bdt=90&idt=93&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaaj7bi9G9&p=https%3A//www.emergencyemail.org&dtd=101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221e629b0579caeec7345346b0b833308de691addea5faecdb5a21a420d6efb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=7319163582&adk=947911551&adf=3846147594&pi=t.ma~as.7319163582&w=366&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=366x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170417&bpp=2&bdt=90&idt=93&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=5&ady=136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xaaj7bi9G9&p=https%3A//www.emergencyemail.org&dtd=101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emergencyemail.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.emergencyemail.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Aug 2021 14:19:31 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 14:34:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 14:19:31 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.emergencyemail.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
20ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.emergencyemail.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0AE 121 KB
38 KB 800ms
799ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

549a05ec4d31a58fb6e18b07a2c609d22ee567333bd4df2c62b8ce40665f0773

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKw2djlv_ICFevJuwgdm8ME3g&gqi=8rkfYfmkJeqOjuwP5_itkA0&layout=/sadbundle/%24csp%253Der3%24/12397739699070241829/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emergencyemail.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.emergencyemail.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKw2djlv_ICFevJuwgdm8ME3g&gqi=8rkfYfmkJeqOjuwP5_itkA0&layout=/sadbundle/%24csp%253Der3%24/12397739699070241829/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Aug 2021 14:19:31 GMT
server: cafe
content-length: 38996
x-xss-protection: 0
set-cookie: IDE=AHWqTUkQ_rGIahZKaa42CqwXo6872lecybsukVJEy_zEy9iYqS1Nd3Wq5TjwUCK-m8A; expires=Wed, 14-Sep-2022 14:19:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 14:19:31 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D18C 135 KB
42 KB 950ms
950ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27ef2f48d6b8fb17b7576cc7965852b20006f891c7f816159970151637b1db77

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO6v29jlv_ICFbHGuwgd-UYHgg&gqi=8rkfYYX3JqWm3gOn0rmACQ&layout=/sadbundle/%24csp%253Der3%24/735553105042064842/UiS_Stadt_970x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emergencyemail.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.emergencyemail.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO6v29jlv_ICFbHGuwgd-UYHgg&gqi=8rkfYYX3JqWm3gOn0rmACQ&layout=/sadbundle/%24csp%253Der3%24/735553105042064842/UiS_Stadt_970x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Aug 2021 14:19:31 GMT
server: cafe
content-length: 43483
x-xss-protection: 0
set-cookie: IDE=AHWqTUm6MRw2z4f2JvPRoBadqbcwODXC2DCFQlOfJI7E52wJVwkUz5o6oBehpzc7x1A; expires=Wed, 14-Sep-2022 14:19:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 14:19:31 GMT
cache-control: private

GET
H2 200 rules-p-7fkzyQzeHbArQ.js Show response
rules.quantcount.com/ 3 B
437 B 44ms
14ms Script
application/javascript 2600:9000:20eb:5600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7fkzyQzeHbArQ.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 01:35:14 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
age: 45857
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:10:06 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 2YqlgtCLNtrH4lyj8fWXwRGraV7E_jIH6991JraUwGXPBbCT8kJIJA==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5855
date: Fri, 20 Aug 2021 12:41:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 20 Aug 2021 14:41:55 GMT

GET
H2 200 impsc.php Show response
web.adblade.com/ 8 KB
2 KB 102ms
102ms Script
application/javascript 3.214.237.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web.adblade.com/impsc.php?cid=26720-2908516846&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&subid=wang1%20radad&rnd=1629469170652&output=html&callback=callback_json_adblade134648981

Requested by

Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.237.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-237-192.compute-1.amazonaws.com

Software

Resource Hash

5bd14179c9361007d65349d15844a9d6a857c301b3070e969263e9c5fd3a8f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor: Adiant LLC | Adiant | http://www.adiant.com
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 22ms
20ms Image
image/gif 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1393361981&utmhn=www.emergencyemail.org&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Weather%20Radar&utmhid=1935010529&utmr=-&utmp=%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&utmht=1629469170676&utmac=UA-9914736-1&utmcc=__utma%3D198119099.1904818478.1629469171.1629469171.1629469171.1%3B%2B__utmz%3D198119099.1629469171.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=86527191&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072358997/ 2 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072358997/?random=1629469170680&cv=9&fst=1629469170680&num=1&label=-2mQCNznwQMQ1cyr_wM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&tiba=Weather%20Radar&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a04c1bffc2f1d244c2ee070ed68d54036383ccc9a47fd452a39d8ad6e5a5552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=702365965;rf=0;a=p-7fkzyQzeHbArQ;url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp;uht=2;fpan=1;fpa=P0-1749219166-1629469170695;pbcn=u;pbc=;ns=...
pixel.quantserve.com/ 35 B
371 B 11ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=702365965;rf=0;a=p-7fkzyQzeHbArQ;url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp;uht=2;fpan=1;fpa=P0-1749219166-1629469170695;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=emergencyemail.org;je=0;sr=1600x1200x24;dst=1;et=1629469170694;tzo=-120;ogl=

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072358997/ 42 B
569 B 38ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072358997/?random=1629469170680&cv=9&fst=1629468000000&num=1&label=-2mQCNznwQMQ1cyr_wM&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&tiba=Weather%20Radar&fmt=3&is_vtc=1&random=1896780179&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072358997/ 42 B
569 B 38ms
19ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072358997/?random=1629469170680&cv=9&fst=1629468000000&num=1&label=-2mQCNznwQMQ1cyr_wM&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&tiba=Weather%20Radar&fmt=3&is_vtc=1&random=1896780179&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zone9457.css
static-cdn.adblade.com/css/zones/ 42 KB
3 KB 103ms
30ms Stylesheet
text/css 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.adblade.com/css/zones/zone9457.css
Requested by: Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ffc8ba94d2fcf27cbfd84366dbd2c9df3da8d6d2deaf885b1bef97ee178e76c

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XJAo65zjqOZUi2Nq4HUZqRHhbtzWNJrZ
content-encoding: gzip
last-modified: Fri, 28 Aug 2020 11:21:01 GMT
server: AmazonS3
age: 39135
etag: W/"a9bba50b066f704ad2bb315685b18a91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 20 Aug 2021 03:27:16 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZLJWuwbdpNWR4_wQNOWTlz_DP2r3je_plrNNUNoEMHz9kBdj_Iy1ww==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 9ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:30 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 27 Aug 2021 14:19:30 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 125ms
39ms Script
application/javascript 13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js?c1=8&c2=6864322&c3=&c4=&c5=&c6=&c10=&c15=
Requested by: Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 20 Aug 2021 14:02:49 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1002
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: VzVqHo-M0_1ZxjPJHvt-lsDION_4aia3vMw6K8L6cHGavtZIizCs9w==

GET
H2 200 rules-p-b8GPCpJxfqYm2.js Show response
rules.quantcount.com/ 3 B
428 B 13ms
12ms Script
application/javascript 2600:9000:20eb:5600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-b8GPCpJxfqYm2.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 03:36:09 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
age: 38602
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:50:07 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: co-1IUkuwIZ1qQ7DGXcmLXkP_lyUNjI8nh4ZaZlCf0ZrsW-nCGPgzw==

GET
H2 200 pixel;r=126897285;rf=3;a=p-b8GPCpJxfqYm2;url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp;uht=2;fpan=0;fpa=P0-1749219166-1629469170695;pbcn=u;pbc=;ns=...
pixel.quantserve.com/ 35 B
210 B 10ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=126897285;rf=3;a=p-b8GPCpJxfqYm2;url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp;uht=2;fpan=0;fpa=P0-1749219166-1629469170695;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=emergencyemail.org;je=0;sr=1600x1200x24;dst=1;et=1629469170770;tzo=-120;ogl=

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/ Frame DF28 237 KB
66 KB 35ms
10ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c735a837ac939932844e5f7c1ecb8d38790ede1c4c6769f795fbe41b199bf8c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12397739699070241829/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 17 Aug 2021 20:28:19 GMT
expires: Wed, 17 Aug 2022 20:28:19 GMT
last-modified: Tue, 17 Aug 2021 06:58:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 65957
age: 237072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C851 0
0 30ms
29ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co7au8rkfYbLvJeuT7_UPm4eT8A3U5OTPZLX6sc-UDvu17tz3KBABIL349AJglQKgAe3Rx70DyAEJqAMByANIqgSNAk_QO_B97tWNcGlFcbQMUKKDKOSnWuIKdt770pWBIEzpiGo6qNyhyhhLp4FGyH_gIYcWmHUzF5KXIzmCK0o7eGhgcTeDHhMHTH-LaV_zz8vak4jlQicqHBcYtAWJWbwD4n6KHyMUmZ0PAmmEWVIUiJVBv5QnhlF9F493BHgj6CSE_PkY8XQM1vJz91onRynCrKViUXCksZKtOhm0-x1zpkgrlfmav-WRWeqnCJyvFkkHJs5gDjsvRxrFmY17ag7Bm6dGnsW1txGjfRpekSD6X9HiUd3EK15EbFbXHriL0P7JcBgH1EsCgUzWD-Sp2DKEvlOUY6aJw6ZfGpKhusmYwfD7_s8kQQ0VIkdwL3suwATvgtCW4AOSBQQIBBgBkgUECAUYBKAGLoAHlezdGagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRCTsPcB0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTEwNzY5ODc4NjU1NzIwMTMYAA&sigh=LFHIYkwuKQ4&template_id=419

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 20 Aug 2021 14:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame C851 18 KB
8 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 14:14:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame C851 2 KB
1 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 14:15:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C851 124 KB
37 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 20 Aug 2021 14:19:31 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame C851 14 KB
6 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 14:11:27 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C851 0
0 20ms
19ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcl1kdeqDzWpHdrE5AKLpXopdVOTr04b9D8viFJU2RCrg95zOY6frt2AtnXLcK1J6VnuUDMoTVkeVfrPDRDHa-pjr3qA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37CF 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkQ_rGIahZKaa42CqwXo6872lecybsukVJEy_zEy9iYqS1Nd3Wq5TjwUCK-m8A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=250&slotname=4365697183&adk=1682474753&adf=3125142811&pi=t.ma~as.4365697183&w=343&lmt=1629469170&rafmt=12&psa=0&format=343x250&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170596&bpp=1&bdt=269&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1240&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oylUazfRNo&p=https%3A//www.emergencyemail.org&dtd=7

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 20 Aug 2021 14:16:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C851 0
20 B 41ms
27ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKw2djlv_ICFevJuwgdm8ME3g&gqi=8rkfYfmkJeqOjuwP5_itkA0&layout=/sadbundle/%24csp%253Der3%24/12397739699070241829/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C851 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13b93724206fa046183096c17a1ed8fbad2ae855f21cbcb688c7867f4d2e56ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DF28 9 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 20 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DF28 26 KB
10 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 21 Aug 2021 12:37:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DF28 10 KB
1 KB 49ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12397739699070241829/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d5fba965b050709a7ac0e362c873f0480f8c3aa657931e297a61060c2c112ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 12:53:29 GMT
server: ESF
date: Fri, 20 Aug 2021 14:19:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 14:19:31 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37CF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

13ms
13ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkQ_rGIahZKaa42CqwXo6872lecybsukVJEy_zEy9iYqS1Nd3Wq5TjwUCK-m8A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 14:19:31 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 20-Aug-2021 15:19:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 14:19:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 14:19:31 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DF28 13 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9744694c51a57bab68f01837bc7bb97b79562fc5ebb691307f0eb41c610a6208

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame DF28 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 263af4004242c860d58b0ca3a019363d959ebba02d836b12eb1546ae9e7df27e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DF28 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b86b3aa51e66845f48c3f7f5438423aa138136813d5c00af8082a6446f535c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DF28 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 920801a335dceb3aec8a312a89a578527de34d64028c2c53232761c7a589f51b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DF28 15 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6211d892e3c0b06865ac4fe1bcf0776f5f2f31549c5594b34cfca558d0be6ece

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DF28 659 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b875b2c20ba0dc7331d94123562c6c801e1fc0f9a465e0b9157f86e53766fd0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DF28 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd19f7867349b8914ae79cf980dbcf0b95f738cfd2337c808a89942214fff67

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF28 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1386809b8793e815c5dc6dd209bb8766b78842e1ec2b48dad28b61483b9f95c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF28 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d3adcf7629462e59d160af00c32c102aefdfba0d86e85daa6a3a4b789ee1779

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF28 812 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb9d9c813f8cb32e0809e92c139d4e351046d982ee0878f159b9f4509975d892

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v14/ Frame DF28 16 KB
16 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v14/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 23:31:06 GMT
x-content-type-options: nosniff
age: 226105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 21:27:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 23:31:06 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v14/ Frame DF28 16 KB
16 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v14/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 23:31:06 GMT
x-content-type-options: nosniff
age: 226105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 21:25:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 23:31:06 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame D18C 67 B
91 B 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 12:06:16 GMT
x-content-type-options: nosniff
server: cafe
age: 7995
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sat, 21 Aug 2021 12:06:16 GMT

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame DF28 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 12:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 12:40:20 GMT

GET
H3-29 200 UiS_Stadt_970x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/ Frame C96C 3 KB
1 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c5529abfda4248a3891da6efd5dde3e0c26243af718e36178931ea60d1589b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1181
date: Thu, 19 Aug 2021 06:07:10 GMT
expires: Fri, 19 Aug 2022 06:07:10 GMT
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 115941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame EDEC 43 B
1 KB 154ms
46ms Fetch
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=13810339821&extCr=123972157425-532180687678&cb=1848788811

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Fr, 20 Aug 2021 02:19:31 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 20 Aug 2021 14:19:31 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EDEC 0
0 31ms
30ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmdz98rkfYe7uJ7GN7_UP-Y2dkAjntP-nZLW-ue-ADtzZHhABIL349AJglQKgAcqH5qQDyAEJqQL4QLVsQ5azPqgDAcgDSKoEjQJP0EhnGhnsJgoQq28A4_NSV_Xqux6Z8VKUDzEZ9V9-E5s3LMmCDQHRzHGxUV42DP7f6e04pm3Te9oblvLjOyzEh587yxNri5kofBd4xJKGgtbQDkgOQ3q-Cq4hre4Iou5CC9yeAVvVRsnY_8CO6uvNiX38WnHPJ5tGBz4dQrdzvEW-mgtH9mRXaCl6YVagxvmW0QWTbd1a7fHX5zbM001X50gZFgX2XRK9_at7Ii7xSJXNtYc8_aQHTMgKmaBEKmLpM70qzIx_jlz2RP1C5jisFyvnIfnPfTq4SMiTRKlX0ugJ0NHOl7QX7RLVRQnVzjlJkk1HBa76ytW6Q3Az2vExgF6ySjdaQFhlz6yyh8AE8f_D6s0DkgUECAQYAZIFBAgFGASgBi6AB574mVuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQ3aauAdIICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0xMDc2OTg3ODY1NTcyMDEzGAA&sigh=Qks_cc6QvFk&template_id=419

Requested by

Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 20 Aug 2021 14:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame EDEC 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 14:14:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame EDEC 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 14:15:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EDEC 124 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 20 Aug 2021 14:19:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame EDEC 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 14:11:27 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame EDEC 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLnO1cjoW3GeTVyM5uajDBaWEQKHXLPNvrjwKl5yad9AssORuyxBZDPFTMZ06nlhDCNJ-AqysVyRp3bfbaABRjRj736g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E92B 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUm6MRw2z4f2JvPRoBadqbcwODXC2DCFQlOfJI7E52wJVwkUz5o6oBehpzc7x1A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1076987865572013&output=html&h=280&slotname=5842430384&adk=1344324978&adf=1099740171&pi=t.ma~as.5842430384&w=1200&fwrn=4&fwrnh=100&lmt=1629469170&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.emergencyemail.org%2FweathergetWANG1.asp%3Fsrc%3DDS.p19r0%2Fsi.kLIX%26amp&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629469170626&bpp=1&bdt=299&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C366x280%2C343x250&nras=1&correlator=7290652016940&frm=20&pv=1&ga_vid=1904818478.1629469171&ga_sid=1629469171&ga_hid=1935010529&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062313%2C20211866%2C31062297&oid=3&pvsid=1820401166546959&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=otZg0Q5t85&p=https%3A//www.emergencyemail.org&dtd=2

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 20 Aug 2021 14:16:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame EDEC 0
20 B 28ms
27ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO6v29jlv_ICFbHGuwgd-UYHgg&gqi=8rkfYYX3JqWm3gOn0rmACQ&layout=/sadbundle/%24csp%253Der3%24/735553105042064842/UiS_Stadt_970x250.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C96C 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 20 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C96C 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 21 Aug 2021 12:37:33 GMT

GET
H3-29 200 abb1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 69 KB
69 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/abb1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62e13a31bbbc79a0759e026647ac9627ac4302d4413e9f4e6813e9b37ad4da0e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70325
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 abd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 7 KB
7 KB 12ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/abd.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

254c466f7b9c0f5a334bbd9fd596cf3d3e90d4ab5926c195a09e36e07a9deaf7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6860
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 ibahn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 7 KB
7 KB 14ms
11ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ibahn.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b2d453b7fe0f18cadce82e6b0926f2c957a8e225e57a8919822a5116299111

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6894
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/txt1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45f92f26e95393ba1eb91af946af50922be08d748d59980c547cad9e4b6617b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1886
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 2 KB
2 KB 19ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/txt2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf2169db04309466c65cf449264d704ff1274bec91acde4786d35d647e17fe9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1756
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 puls.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 419 B
445 B 16ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/puls.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f763ace78de2690b9edb87062127632c25b6576aceaf7a2dc16eb6f075ebc40

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 ll.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 1 KB
1 KB 16ms
14ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ll.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00d25614b9b0d0fc3d63d09a7a1d4c765b34072792ba4309c82a51c57ad8d4c9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1034
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 preisButt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 5 KB
5 KB 18ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/preisButt.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b0501f304194751ea4cdaea5da1279bf56f0722220889f0024c81db88325ff

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5059
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 4 KB
4 KB 17ms
15ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/txt3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

613cce1979a1010ccf1c1861ba842228e74e424f58a84e953c5300a8e021c904

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3780
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 txt4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 3 KB
3 KB 14ms
12ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/txt4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ec3aed71c6de9b1fff68765cb122cbbc74812d1076ae4aaadf13dbd17cb68a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2742
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 txt5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 4 KB
4 KB 16ms
14ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/txt5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ad9c2f1bda39ff74cd0c7447d84b7070d8cf942ebde9f6ed15a33cd8bc4ac80

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3664
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/CTA.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfba22b82746d609ce9de957f0dbd41bed8342b9ce8cf9136973e3d9b4c7f78d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1907
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H3-29 200 DBx.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/ Frame C96C 2 KB
2 KB 18ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/images/DBx.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e248663751adc2f1005c93fd58bd8a8224143e65503f16105316494f084ffd0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 24037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1554
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 09:33:44 GMT
server: sffe
date: Fri, 20 Aug 2021 07:38:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:38:54 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C96C 60 KB
24 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/735553105042064842/UiS_Stadt_970x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 14:19:31 GMT

GET
DATA 200
OK truncated
/ Frame EDEC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fa4c2e086ea95a1891ea831ec085b4c328c80cb628bd0fd6ff5f0819628eb61

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E92B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUm6MRw2z4f2JvPRoBadqbcwODXC2DCFQlOfJI7E52wJVwkUz5o6oBehpzc7x1A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 14:19:31 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 20-Aug-2021 15:19:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 14:19:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 14:19:31 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 56528_5fe201adc76a6.jpg
static-cdn.adblade.com/banners/images/149x112/ 9 KB
9 KB 42ms
41ms Image
image/jpeg 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.adblade.com/banners/images/149x112/56528_5fe201adc76a6.jpg
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18e2b250d868e3fb689b2656cb1278c7f58f00efceabb6d6c77560b66ed1730c

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 22:50:19 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 14:24:47 GMT
server: AmazonS3
age: 55753
etag: "56ec6608088988f9f8e89fc802ace266"
x-cache: Hit from cloudfront
x-amz-version-id: 5fE45iqYRUBV8nb90Rlmyl2G.6hCN3YT
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 9148
x-amz-cf-id: TqhU3OdVGfOaTpEcUEp_zk06O3tVuTc_1faQTaZKLyB7KrEilh8UgQ==

GET
H2 200 56528_5fca42ca90128.jpg
static-cdn.adblade.com/banners/images/149x112/ 13 KB
14 KB 65ms
65ms Image
image/jpeg 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.adblade.com/banners/images/149x112/56528_5fca42ca90128.jpg
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 500041c18af3b1272131f116289b654c71820d4fea05a29f60039d0a4fe1dacc

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 22:50:19 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 14:08:12 GMT
server: AmazonS3
age: 55753
etag: "d6a82810e34a95a1af271da18c6395de"
x-cache: Hit from cloudfront
x-amz-version-id: ydXuo83.K0CD1gqVpZmFzLMalygmO7sF
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 13582
x-amz-cf-id: tO8Jdi4CJtul8ckHEe-qkta0IuOEW8zFe8m15i2RhmeyCgyRr6Awjg==

GET
H2 200 56528_5fb539bce0f0b.jpg
static-cdn.adblade.com/banners/images/149x112/ 12 KB
12 KB 59ms
58ms Image
image/jpeg 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.adblade.com/banners/images/149x112/56528_5fb539bce0f0b.jpg
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5509569de9521c236e8799ae7c8a7ef6d06222bf94f2d39ead07c7d05576c951

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 22:50:19 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Wed, 18 Nov 2020 15:11:58 GMT
server: AmazonS3
age: 55753
etag: "a67b65e09b0fe7afabc8552dbe771b9c"
x-cache: Hit from cloudfront
x-amz-version-id: f0oF4pVSP5vDgjjr9n2ATP.WHHCO2Yb4
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 12142
x-amz-cf-id: zWN_z4j-Df_SfmiGqRGlFMcrVutO3KJTFutC6RaX7lV2xfbrcqS9HA==

GET
H2 200 56528_5fb534e46c5d6.jpg
static-cdn.adblade.com/banners/images/149x112/ 10 KB
10 KB 47ms
47ms Image
image/jpeg 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.adblade.com/banners/images/149x112/56528_5fb534e46c5d6.jpg
Requested by: Host: www.emergencyemail.org
URL: https://www.emergencyemail.org/weathergetWANG1.asp?src=DS.p19r0/si.kLIX&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30561bc4213b5d2435273736ccff0b83ebc34bfd871451d172b0fed490635ef3

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LbBleCqhLM9vx9CgdWvC4Z6Isynxg9mz
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Wed, 18 Nov 2020 14:51:17 GMT
server: AmazonS3
age: 4883
etag: "f9aa72b0cb729b7008716a49b1301a92"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
date: Fri, 20 Aug 2021 12:58:08 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10162
x-amz-cf-id: gfR3w4ARmmI_EdrYPlAa5F3fKN3vD9vJh82evtrO_44ht_Vw0YC1oQ==

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f9ad0f6ab55af65ccf96300c5d99fb925863ca03bbd694dceaaf38bc2a096cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 14:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8648
x-xss-protection: 0

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame C96C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 12:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 12:40:20 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 14:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 20 Aug 2021 14:19:31 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5E51 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emergencyemail.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.emergencyemail.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 13:49:15 GMT
expires: Sat, 20 Aug 2022 13:49:15 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 26DF 783 B
535 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f6dcdaf668f8e5279ddb6490046363dca233d59eaa5d111eefee90e3925b4350

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kim4DYqepAumvEJxd76Q0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emergencyemail.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.emergencyemail.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 20 Aug 2021 14:19:31 GMT
date: Fri, 20 Aug 2021 14:19:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Kim4DYqepAumvEJxd76Q0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E51 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 12:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 12:40:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=1820401166546959&bg=!RkWlRQHNAAZvV8FTb1c7ACkAdvg8WgqYtChPm7g78fogZDBkyWEU83KZNt0X96oVjnD2iTKzoWwxdgIAAABRUgAAAAtoAQcKAPRkkWgPmjkzGiENzI431_ti4cI14_nhbLMh4aTFVvq1gSK0MDzq04WZrzAwWaIuka3GqXQKJ1xEsdw37-v7xppWGGSz4rUR4kdnhHopNjG-9NZoIvxGRUCwyrViVykLOgw-Ck7-Bwqge-B-eSKHagR7z9eOV_xLxw6kld8X_lkPJ6vVx2xNTymnIqOMYmJi5YjMVPNK7zT6TYwdGpJjHGreBdJ6kO0gVw8OYWSFi3cUU35DEVU5R2xW5NN0WcI4o7src9G17MK61n-zRAPUGeBP71gIv3QNovMjSifksnBfe8Z4J6DvcT4mXIDv3Bozayg780JWmQKRjtgFzuHNLZcyl5VWKn3rTdnISI7-f6VeT_8N-ZWHtj7bzHzqwIxkktxvsvvaRiOhdj7nburfGIhPkLh9D1G5zFY0_wxj-4YqbUzySrI_iOnEdeK7W0r-5ip2CRRTa2hqucoRdAsJ5Z03PCJijRE4JJ4OoK0eRM1-keqasMlEPB3pYvD1RovZZ-LxIV7f9Xd4aY9Z3-4JP_r52Loei_QAcTSjEAcFpv1_l1zZME_FAtbunzkqyOKpXUP0H2hGlmR6dF12oKA_le3K9mIheBwy1K5UWCw6GV9sErNnmzguUd2f7y9AJzvvDQV542ly4oj9gVKSFj72RV6109DgqYp5gCgaQj1Ba9_n9e27Pm8O1svb6mmSRSk9Emd8_FV2YhZpNdtNODFw5uiU-ui_3kXTwm5c5s7MqtK4FVAdcDgWq4AWC-6sYLA99EwS9AtAM4-LAc-jCKnuK0uTPDmWh4snivKXdDTTMPd5QRvVYhiFguMeAHZDS5_wKKUZnVGadDUtQrijLANifCqfXjZRzmIfQ8TZBn-9Qnf3sejuXG41dTwxRKnL6Abc7NTQ4vGXxIAcZJSGHugS-AMxL1M2QxqJCzAE2EOlhQH6dJ7KzJ7Xeynnr7ZoRDSQra9pn84BDQLyBlsUoNXGhavJed1mgolOqNiFWWWfb2LBT8k3gy9G0MgFMiz8mFi53eAqK9KTEKlhdoTKMT2OK8vnFz-SiXE8425BWgXZBig6GoRQ8GeLQqwwWf-x0M8LlQn5BdvaapktRhoiTykjtf3od73sPhQXbUPgnpwN9ERTbaoY4tZpKgAGaQ2cY210Usre0VLRXb8Crv04b6detafxolUdH40vGS1_opz217615-v6CixahrkC

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emergencyemail.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C851 42 B
64 B 33ms
33ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGp0utYI7WRJL5I2Ok12XTVYn0E7SRXhDqabnDJWmmPfvud-NyNAfyd8wmT5rBpOOOb2jpDHY96mtM4WI71dvywgalzl3TccHaml2ZbhbXPcBm94ti8YtH-Pz-Ig&sai=AMfl-YTJ8pEVc92kolDn-DHFR1HCKQAWVZpyAmQBSh490dNLF2XBtBCqUpQM149IOnUwbkimEMwOnD5B2wPdacIhqaMbkTmX8v5TNwA&sig=Cg0ArKJSzA8Km5hM6bLmEAE&cid=CAASF-RoNRK0Z596lIGbTlodFaMVwEyHyMee&id=lidar2&mcvt=1018&p=103,1240,353,1540&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1682474753&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629469170604&dlt=808&rpt=2&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C96C 0
121 B 27ms
26ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=150.0000&a1=https&f1=layout_html&s1=0&d1=9.0000&i=532698870199&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F735553105042064842%2FUiS_Stadt_970x250.html&gqi=8rkfYYX3JqWm3gOn0rmACQ&qqi=CO6v29jlv_ICFbHGuwgd-UYHgg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 14:19:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:37:52	Name: DSID Value: NO_DATA
.emergencyemail.org/	1970-01-20 06:02:17	Name: __qca Value: P0-1749219166-1629469170695
.emergencyemail.org/	1970-01-20 14:09:01	Name: __utma Value: 198119099.1904818478.1629469171.1629469171.1629469171.1
.doubleclick.net/	1970-01-20 05:59:25	Name: IDE Value: AHWqTUm6MRw2z4f2JvPRoBadqbcwODXC2DCFQlOfJI7E52wJVwkUz5o6oBehpzc7x1A
.emergencyemail.org/	1970-01-19 20:37:49	Name: __utmt Value: 1
.emergencyemail.org/	1970-01-19 20:37:50	Name: __utmb Value: 198119099.1.10.1629469171
.emergencyemail.org/	1970-01-20 01:00:37	Name: __utmz Value: 198119099.1629469171.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.emergencyemail.org/	1969-12-31 23:59:59	Name: _dlt Value: 1
.emergencyemail.org/	1969-12-31 23:59:59	Name: __utmc Value: 198119099
.emergencyemail.org/	1970-01-20 05:59:25	Name: __gads Value: ID=c7283530aafb5930-22485579a6c800ca:T=1629469170:RT=1629469170:S=ALNI_Ma9u3UTb-ILxxFWfRYaIKwt08KgGA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.exactag.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
radar.weather.gov
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
secure.quantserve.com
ssl.google-analytics.com
static-cdn.adblade.com
tpc.googlesyndication.com
web.adblade.com
www.emergencyemail.org
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
13.224.96.53
142.250.184.226
142.250.185.66
143.204.98.65
213.202.235.9
2600:9000:20eb:5600:6:44e3:f8c0:93a1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a02:26f0:6c00:2ad::1917
3.214.237.192
52.117.149.22
00d25614b9b0d0fc3d63d09a7a1d4c765b34072792ba4309c82a51c57ad8d4c9
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
07aa94791917b7582e05d2ecff2c0644115623907e3b95e0cd338842827eb646
0af0315bb903172264235944e0a3e750dd12776007c173e9decd3a7b41f40fa8
0fa4c2e086ea95a1891ea831ec085b4c328c80cb628bd0fd6ff5f0819628eb61
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1386809b8793e815c5dc6dd209bb8766b78842e1ec2b48dad28b61483b9f95c0
13b93724206fa046183096c17a1ed8fbad2ae855f21cbcb688c7867f4d2e56ab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1884558588b5b7d9b06e9e42e0071de8d11c028dfb33057588d792beee0320e6
18e2b250d868e3fb689b2656cb1278c7f58f00efceabb6d6c77560b66ed1730c
221e629b0579caeec7345346b0b833308de691addea5faecdb5a21a420d6efb6
2257ff6d7b4521cbd33a8cc421770eb281be2facce2fe4fe56e893ab9af14155
254c466f7b9c0f5a334bbd9fd596cf3d3e90d4ab5926c195a09e36e07a9deaf7
263af4004242c860d58b0ca3a019363d959ebba02d836b12eb1546ae9e7df27e
27ef2f48d6b8fb17b7576cc7965852b20006f891c7f816159970151637b1db77
2a04c1bffc2f1d244c2ee070ed68d54036383ccc9a47fd452a39d8ad6e5a5552
2c735a837ac939932844e5f7c1ecb8d38790ede1c4c6769f795fbe41b199bf8c
2d3adcf7629462e59d160af00c32c102aefdfba0d86e85daa6a3a4b789ee1779
30561bc4213b5d2435273736ccff0b83ebc34bfd871451d172b0fed490635ef3
30b0501f304194751ea4cdaea5da1279bf56f0722220889f0024c81db88325ff
323ce4920b8fd78df07c1c477132879621ea5c2c778414e05b5020688b717ed9
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
500041c18af3b1272131f116289b654c71820d4fea05a29f60039d0a4fe1dacc
549a05ec4d31a58fb6e18b07a2c609d22ee567333bd4df2c62b8ce40665f0773
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5509569de9521c236e8799ae7c8a7ef6d06222bf94f2d39ead07c7d05576c951
5bd14179c9361007d65349d15844a9d6a857c301b3070e969263e9c5fd3a8f78
5e248663751adc2f1005c93fd58bd8a8224143e65503f16105316494f084ffd0
613cce1979a1010ccf1c1861ba842228e74e424f58a84e953c5300a8e021c904
6211d892e3c0b06865ac4fe1bcf0776f5f2f31549c5594b34cfca558d0be6ece
62e13a31bbbc79a0759e026647ac9627ac4302d4413e9f4e6813e9b37ad4da0e
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
68866e8e15e3f8ad89d46e38e8c7b865981bd29afb82c7fd219dea9503fa1b94
6d5fba965b050709a7ac0e362c873f0480f8c3aa657931e297a61060c2c112ad
7ad9c2f1bda39ff74cd0c7447d84b7070d8cf942ebde9f6ed15a33cd8bc4ac80
7f763ace78de2690b9edb87062127632c25b6576aceaf7a2dc16eb6f075ebc40
7f9ad0f6ab55af65ccf96300c5d99fb925863ca03bbd694dceaaf38bc2a096cd
7ffc8ba94d2fcf27cbfd84366dbd2c9df3da8d6d2deaf885b1bef97ee178e76c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879c1d7f2c63e2496878c60dba3f8920bd4736ecf68f3230c22fa4560e0c84ef
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
920801a335dceb3aec8a312a89a578527de34d64028c2c53232761c7a589f51b
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
9744694c51a57bab68f01837bc7bb97b79562fc5ebb691307f0eb41c610a6208
9aef70180fe03c0e3476f58e74f59652630384b8082b7b0f62a86b8802757ec3
9cd19f7867349b8914ae79cf980dbcf0b95f738cfd2337c808a89942214fff67
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ec3aed71c6de9b1fff68765cb122cbbc74812d1076ae4aaadf13dbd17cb68a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b86b3aa51e66845f48c3f7f5438423aa138136813d5c00af8082a6446f535c9d
b875b2c20ba0dc7331d94123562c6c801e1fc0f9a465e0b9157f86e53766fd0c
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf2169db04309466c65cf449264d704ff1274bec91acde4786d35d647e17fe9e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9d9c813f8cb32e0809e92c139d4e351046d982ee0878f159b9f4509975d892
d08e09c268f409b78b36499f3fc723aa7b8937adf935093b4175756365bcd196
d1c5529abfda4248a3891da6efd5dde3e0c26243af718e36178931ea60d1589b
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7afaaa69d037331a0ec0e663d0c4d830a898de9cbfd89065289b51d9003b382
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
ded711c7e959de2a9cba2f3b7572f971ce13c0e2facda70095372619eefde62a
dfba22b82746d609ce9de957f0dbd41bed8342b9ce8cf9136973e3d9b4c7f78d
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45f92f26e95393ba1eb91af946af50922be08d748d59980c547cad9e4b6617b
f6dcdaf668f8e5279ddb6490046363dca233d59eaa5d111eefee90e3925b4350
f8b2d453b7fe0f18cadce82e6b0926f2c957a8e225e57a8919822a5116299111

www.emergencyemail.org Open in urlscan Pro 52.117.149.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

100 %HTTPS

67 %IPv6

17 Domains

24 Subdomains

22 IPs

2 Countries

1231 kBTransfer

2465 kBSize

10 Cookies

5 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.emergencyemail.org Open in urlscan Pro
52.117.149.22 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

24
Subdomains

22
IPs

2
Countries

1231 kB
Transfer

2465 kB
Size

10
Cookies

93 HTTP transactions
12 data transactions