sankeymatic.com Open in urlscan Pro
209.197.127.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sankeymatic.com/
Submission: On October 10 via api (October 10th 2023, 2:10:27 pm UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 76 HTTP transactions. The main IP is 209.197.127.46, located in United States and belongs to PAIR-NETWORKS, US. The main domain is sankeymatic.com.
TLS certificate: Issued by R3 on September 29th 2023. Valid for: 3 months.

This is the only time sankeymatic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	209.197.127.46 209.197.127.46	7859 (PAIR-NETW...) (PAIR-NETWORKS)
15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
76	14

16 209.197.127.46 (United States)

ASN7859 (PAIR-NETWORKS, US)
PTR: nowthis.com

sankeymatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	388 KB
16	sankeymatic.com sankeymatic.com	525 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2	64 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	94 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	609 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
76	9

	Domain	Requested by
16	sankeymatic.com	sankeymatic.com
15	pagead2.googlesyndication.com	sankeymatic.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net sankeymatic.com tpc.googlesyndication.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com sankeymatic.com
2	googleads4.g.doubleclick.net	sankeymatic.com
2	www.googleadservices.com	sankeymatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	googleads.g.doubleclick.net sankeymatic.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
76	14

This site contains links to these domains. Also see Links.

Domain
en.wikipedia.org
vis.social
nowthis.com
tilde.zone
github.com
d3js.org

Subject Issuer	Validity	Valid
sankeymatic.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://sankeymatic.com/
Frame ID: 67B1F34FFB4508BD1E94BDB8792ACF22
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: D1E6C6353EF6CF26EDB24CFD0F2886EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3811177942013776&output=html&adk=1812271804&adf=3025194257&lmt=1694474038&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Fsankeymatic.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696947022502&bpp=6&bdt=249&idt=281&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3693492912045&frm=20&pv=2&ga_vid=2004948585.1696947023&ga_sid=1696947023&ga_hid=1863475778&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44801485%2C44804782%2C44805099%2C31078673&oid=2&pvsid=1313250138574095&tmod=1335566794&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307
Frame ID: A77BA8C493165067B133082F53AF33C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3811177942013776&output=html&h=280&slotname=1776796112&adk=2543815378&adf=854766408&pi=t.ma~as.1776796112&w=1200&fwrn=4&fwrnh=100&lmt=1694474038&rafmt=1&format=1200x280&url=https%3A%2F%2Fsankeymatic.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696947022508&bpp=3&bdt=256&idt=310&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3693492912045&frm=20&pv=1&ga_vid=2004948585.1696947023&ga_sid=1696947023&ga_hid=1863475778&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44801485%2C44804782%2C44805099%2C31078673&oid=2&pvsid=1313250138574095&tmod=1335566794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=O7ch3eiEuC&p=https%3A//sankeymatic.com&dtd=322
Frame ID: EC2C7BCF7C5B5C8C34D12A6C7A513C14
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: D6ECF78A34B0322C123C0FA5950A199B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2DCDCF4AE196C469ABBD541652B62EC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUrZzvL0UDHfENW8bNyq11tN0y-EWf4wI3K-aPgpH71SpkzaAjMpvvf_VddgEderRZOVJgzXojEwR8MWnydGAxIR_ZNHQ
Frame ID: 7284F8EC3521D23847C4016AB2730727
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Frame ID: D22931C403301E9A94B5C82725F36544
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 86E08119F0E55847ADD16E6A75EC60ED
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC1E45E8D40FF647D2F8EA046A9E082A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82493CB0B5D6803AE66521ABE3B55E3C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SankeyMATIC: Make Beautiful Flow Diagrams

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

76
Requests

99 %
HTTPS

77 %
IPv6

9
Domains

14
Subdomains

14
IPs

2
Countries

1255 kB
Transfer

2461 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://en.wikipedia.org/wiki/Comparison_of_vector_graphics_editors
Title: vector graphics editor

Search URL Search Domain Scan URL

URL: https://vis.social/@SankeyMATIC
Title: @SankeyMATIC@vis.social

Search URL Search Domain Scan URL

URL: http://nowthis.com/
Title: Steve Bogart

Search URL Search Domain Scan URL

URL: https://tilde.zone/@nowthis
Title: @nowthis@tilde.zone

Search URL Search Domain Scan URL

URL: https://github.com/nowthis/sankeymatic
Title: Source code is available

Search URL Search Domain Scan URL

URL: http://d3js.org/
Title: D3.js

Search URL Search Domain Scan URL

URL: https://github.com/d3/d3-sankey
Title: Sankey plugin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://googleads.g.doubleclick.net/pagead/adview?ai=CgJRpTlslZb-nNoGViM0P-KOn0ALF6Y-rc7LFwuCwEbvW8_0IEAEgkauhkgFgleKTgqAHoAHghdb6A8gBCakCbkoMl3S6sT6oAwHIA8sEqgTNAU_QggHg9zvi3ELPZJ1FqZozrcYbCiWc5r320BV4vSdyZBUVr0xQJib0fth5veLLABg-k8EXtn8G9uqzWRsq7XEKBjOGIprk7ZBzXB2aD6N69u9uTMnzO34AupNHF0GesGrsEV7qqscgLORqsrnhxNc7AGvypVJJ4YUKqu5kBvYXQIewF1R21nf7KLmlyoied3e1L1pXvsa2Ebu_66gUxCTaSHbzUykyVyiy2uBYRjpKopWjL9QmL7iEZ0cUCqGYAaainX_RawiqhyIBgpXABKzT77KtBIgFqP-YyUmSBQQIBBgBkgUECAUYBKAGLoAHiPqpBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOHaCtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCYwBaHR0cHM6Ly93d3cucmFub3JleC5jb20vcmFub3JleC1kZXNpZ253aXNlLz91dG1fc291cmNlPUdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249RGlzcGxheV9lbl9Db2xkX0F1ZGllbmNlJnV0bV9pZD03MDE1YTAwMDAwMW9oczNBQUGACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTM4MTExNzc5NDIwMTM3NzYYAA&sigh=HrEPDZPg2cQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSSwDICaaNJz28Ig08aY2A9dZVTAF23M0uy9Zuq95N4OP2ouLsiR2fKCRLMFf7CNkJA16Z9htOOMHPQK0rmOOK-QCOc-xkpQDgJ91vlhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225803173958310521830%22,%22debug_reporting%22:true,%22destination%22:%22https://ranorex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221062568672%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226288958680333439153%22}&andc=true

76 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sankeymatic.com/ 10 KB
10 KB 751ms
109ms Document
text/html 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 477031ee2383d0fa91e4d46c7d1777aab2cf251335f990c40fc741fc5a69c040

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 10089
Content-Type: text/html
Date: Tue, 10 Oct 2023 14:10:22 GMT
ETag: "2769-6051f284b45c7"
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 12 Sep 2023 01:13:58 GMT
Server: Apache

GET
H/1.1 200
OK skm-main.css
sankeymatic.com/ 20 KB
21 KB 109ms
109ms Stylesheet
text/css 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://sankeymatic.com/skm-main.css
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 48678df5f6146419a9d3dd2d4a908100b46763a9ca7edd4421fdc30e6bebca5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Sun, 01 Oct 2023 20:45:41 GMT
Server: Apache
ETag: "51b9-606adbdac7dcf"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20921

GET
H/1.1 200
OK SKM-400.png
sankeymatic.com/i/ 17 KB
17 KB 114ms
114ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/SKM-400.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: e0cbb97e2188d327c3f301bcb207685073aac0b3b53dae8b66e9ea37f4fd7a08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Sun, 06 Feb 2022 06:20:26 GMT
Server: Apache
ETag: "44dd-5d7537ad14f07"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17629

GET
H/1.1 200
OK budget-example-300x200.png
sankeymatic.com/i/ 13 KB
13 KB 222ms
114ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/budget-example-300x200.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 43b8c706430d5f829d7aba62cdcb1b57dc997f3abb40e4b4456616b831baea57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Tue, 07 Feb 2023 18:23:20 GMT
Server: Apache
ETag: "3217-5f4203e0d72c9"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12823

GET
H/1.1 200
OK job-search-example-2000x1200.png
sankeymatic.com/i/ 131 KB
131 KB 298ms
111ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/job-search-example-2000x1200.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: e4f6bab015dd440637c1e5887e3aed324930f51182a866f1525f20f9bcbcf328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:18 GMT
Server: Apache
ETag: "20b74-5f408decb0a7c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 134004

GET
H/1.1 200
OK financial-results-example-400x200.png
sankeymatic.com/i/ 16 KB
16 KB 336ms
110ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/financial-results-example-400x200.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 2c7034fb2c03708e1ea2be0cfce5d38a1a9dfa13c0824921ba5a0fdc5d5d075e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Tue, 07 Feb 2023 18:14:11 GMT
Server: Apache
ETag: "3f37-5f4201d4cf3a0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16183

GET
H/1.1 200
OK inputs-example.png
sankeymatic.com/i/ 103 KB
103 KB 335ms
109ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/inputs-example.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 9207329618d66a0d9d0a988e9c3f95d1467a08394b26b70246cbdce8b31d816f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:58:17 GMT
Server: Apache
ETag: "19ba8-5f40942e448bb"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 105384

GET
H/1.1 200
OK inputs-customize.png
sankeymatic.com/i/ 29 KB
29 KB 229ms
110ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/inputs-customize.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 502a731b0a29a2d00d052d498556655bcf647b7fdb5f6b59a20ef43c71d8c644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Tue, 07 Feb 2023 17:21:28 GMT
Server: Apache
ETag: "7480-5f41f60ca7cab"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 29824

GET
H/1.1 200
OK custom-rev0.png
sankeymatic.com/i/ 22 KB
22 KB 153ms
112ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev0.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 7963b7713b3d84c61303b21de7bbb1ccc7614391b010f870d0049b8088163e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:18 GMT
Server: Apache
ETag: "5841-5f408dec83c20"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22593

GET
H/1.1 200
OK custom-rev5.png
sankeymatic.com/i/ 17 KB
18 KB 115ms
113ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev5.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 5dc87c08f0c8993d9bebf9ed80780d82b1ca46578cd3b44e39855f84aae4a119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:18 GMT
Server: Apache
ETag: "4584-5f408dec659dd"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17796

GET
H/1.1 200
OK custom-rev1.png
sankeymatic.com/i/ 19 KB
20 KB 110ms
109ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev1.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: a17b4b98116ac8a7dfd7df75b2dfe1b5e473c4f6408a61e99bb9ff4df6793f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:18 GMT
Server: Apache
ETag: "4d73-5f408dec6e2a8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 19827

GET
H/1.1 200
OK custom-rev6.png
sankeymatic.com/i/ 26 KB
26 KB 111ms
111ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev6.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: c7c1e066a7ea8ccff2916e158c9e6c40930d96836f41b79a1a9b499b2ca1d2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:17 GMT
Server: Apache
ETag: "66ab-5f408dec49cce"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 26283

GET
H/1.1 200
OK custom-rev3.png
sankeymatic.com/i/ 22 KB
22 KB 114ms
112ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev3.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 71d76c14bcd5e216e37d7f76e5f5b0e862fdc9a819ec3afbfe4973016a30f601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:18 GMT
Server: Apache
ETag: "56ae-5f408dec66e2f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 22190

GET
H/1.1 200
OK custom-rev8.png
sankeymatic.com/i/ 27 KB
27 KB 116ms
115ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev8.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 2c061951b85e21e5a02f3137a64677abbf97b2812a5ad55ec193f782e5c1d2d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:17 GMT
Server: Apache
ETag: "6ca8-5f408dec41c99"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 27816

GET
H/1.1 200
OK custom-rev4.png
sankeymatic.com/i/ 16 KB
16 KB 117ms
116ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev4.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: 398adbf6d0fe17e7593c10b90e94aa96195827ff0c66f1102c67fd24fe79e20f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:18 GMT
Server: Apache
ETag: "407f-5f408dec66379"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16511

GET
H/1.1 200
OK custom-rev9.png
sankeymatic.com/i/ 33 KB
33 KB 110ms
110ms Image
image/png 209.197.127.46
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sankeymatic.com/i/custom-rev9.png
Requested by: Host: sankeymatic.com
URL: https://sankeymatic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.127.46 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: nowthis.com
Software: Apache /
Resource Hash: a587a4332969983dd5e4f7e6b120ffe44f5d1a3cc81e88bafa7aa7156b5b08ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 14:10:22 GMT
Last-Modified: Mon, 06 Feb 2023 14:30:17 GMT
Server: Apache
ETag: "83e8-5f408dec49d09"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 33768

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 143ms
80ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3811177942013776

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fba643085e2be90864cb430346e4fccd9c28e52cd5317f9ae397f93fecf547a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
Origin: https://sankeymatic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51692
x-xss-protection: 0
server: cafe
etag: 11734181931401644268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:10:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 391 KB
133 KB 132ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3811177942013776&plah=sankeymatic.com&bust=31078673

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3811177942013776

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416906888024e87bf05f9a41c49d229fb14f75d96a9e0e0fcd038e1fbe09ec40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135848
x-xss-protection: 0
server: cafe
etag: 12747420033965608117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:10:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame D1E6 10 KB
5 KB 88ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3811177942013776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
609 B 85ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sankeymatic.com&callback=_gfp_s_&client=ca-pub-3811177942013776

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3811177942013776&plah=sankeymatic.com&bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

110e5715be4125e6ed79c7de07c170eba7fdc2a7f95efabe2fc19a889f685006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A77B 125 KB
47 KB 978ms
976ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3811177942013776&output=html&adk=1812271804&adf=3025194257&lmt=1694474038&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Fsankeymatic.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696947022502&bpp=6&bdt=249&idt=281&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3693492912045&frm=20&pv=2&ga_vid=2004948585.1696947023&ga_sid=1696947023&ga_hid=1863475778&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44801485%2C44804782%2C44805099%2C31078673&oid=2&pvsid=1313250138574095&tmod=1335566794&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ddc48bddb87b390c79ec54981676891864d5212650f67480dde9f765de67ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47507
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:10:23 GMT
expires: Tue, 10 Oct 2023 14:10:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC2C 115 KB
39 KB 579ms
578ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3811177942013776&output=html&h=280&slotname=1776796112&adk=2543815378&adf=854766408&pi=t.ma~as.1776796112&w=1200&fwrn=4&fwrnh=100&lmt=1694474038&rafmt=1&format=1200x280&url=https%3A%2F%2Fsankeymatic.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696947022508&bpp=3&bdt=256&idt=310&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3693492912045&frm=20&pv=1&ga_vid=2004948585.1696947023&ga_sid=1696947023&ga_hid=1863475778&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44801485%2C44804782%2C44805099%2C31078673&oid=2&pvsid=1313250138574095&tmod=1335566794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=O7ch3eiEuC&p=https%3A//sankeymatic.com&dtd=322

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b436df34020bc978f7d58c824c272395764df56633d2c66d3d907363b7550891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:10:23 GMT
expires: Tue, 10 Oct 2023 14:10:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame EC2C 4 KB
1 KB 85ms
30ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3811177942013776&output=html&h=280&slotname=1776796112&adk=2543815378&adf=854766408&pi=t.ma~as.1776796112&w=1200&fwrn=4&fwrnh=100&lmt=1694474038&rafmt=1&format=1200x280&url=https%3A%2F%2Fsankeymatic.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696947022508&bpp=3&bdt=256&idt=310&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3693492912045&frm=20&pv=1&ga_vid=2004948585.1696947023&ga_sid=1696947023&ga_hid=1863475778&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44801485%2C44804782%2C44805099%2C31078673&oid=2&pvsid=1313250138574095&tmod=1335566794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=O7ch3eiEuC&p=https%3A//sankeymatic.com&dtd=322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 14:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 13:48:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 14:10:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame EC2C 2 KB
972 B 99ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:38:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12913449339092895569/ Frame EC2C 15 KB
15 KB 78ms
23ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12913449339092895569/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ed13a3789211ae9fc35c8d18ef43a29789132a72f4303b2dcb6120f59abe442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:52:14 GMT
x-content-type-options: nosniff
age: 4689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:00:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Oct 2024 12:52:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4293646624287820275/ Frame EC2C 6 KB
6 KB 97ms
42ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4293646624287820275/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f4305be7d19c0e30cf0c66277538d8685121275dcd1d207f03d77c99607764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:22:48 GMT
x-content-type-options: nosniff
age: 190055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6518
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 13:59:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Oct 2024 09:22:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame EC2C 23 KB
9 KB 92ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame EC2C 3 KB
1 KB 91ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:13:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame EC2C 20 KB
9 KB 65ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC2C 187 KB
59 KB 102ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:10:23 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame EC2C 37 KB
16 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 10:17:18 GMT

GET
DATA 200
OK truncated
/ Frame EC2C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e862f7a0c73f148d3b108034c60fa6e05520b4b286bf90323b609b85ebc5074

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC2C 16 KB
16 KB 83ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 417015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC2C 15 KB
15 KB 91ms
30ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 381811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EC2C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CgJRpTlslZb-nNoGViM0P-KOn0ALF6Y-rc7LFwuCwEbvW8_0IEAEgkauhkgFgleKTgqAHoAHghdb6A8gBCakCbkoMl3S6sT6oAwHIA8sEqgTNAU_QggHg9zvi3ELPZJ1FqZozrcYbCiWc5r3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225803173958310521830%22,%22debug_reporting%22:true,%22destination%22:%22https://ranorex.com%22,%22event_report_window%22:%2...

0
0

113ms
58ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225803173958310521830%22,%22debug_reporting%22:true,%22destination%22:%22https://ranorex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221062568672%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226288958680333439153%22}&andc=true

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5803173958310521830","debug_reporting":true,"destination":"https://ranorex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1062568672"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"6288958680333439153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Oct 2023 14:10:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Oct 2023 14:10:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5803173958310521830","debug_reporting":true,"destination":"https://ranorex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1062568672"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"6288958680333439153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame D6EC 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 448678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 156 KB
53 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/reactive_library_fy2021.js?bust=31078673

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac0432acb63380486ede98dbfe6c038378145738f3c3f0e14435e5a67e32b9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54484
x-xss-protection: 0
server: cafe
etag: 11575186929609121442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:10:23 GMT

GET
H2 200 ca-pub-3811177942013776 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 137ms
63ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3811177942013776?ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2edd6490f30dc06dd972d7b58fb25909918cb1e179c07c3c413f200bb971e0aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UhD6fVWoPBkzx8Ufh9dAfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-UhD6fVWoPBkzx8Ufh9dAfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 139ms
67ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 14:10:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 2DCD 10 KB
4 KB 30ms
24ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXWnAqsRcayjv-xaEcdL8LX98VC5d-vQl0AabCgFAiKQkri_O3taMvQLDIWRu9X0sJeUuAOD5TanFzxrj-Zu1TbFIy3FzGth13UiLqSrJjHMYknTmg0hywiP8Jzm1wQs_tFzxCv0Q== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 69ms
64ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXWnAqsRcayjv-xaEcdL8LX98VC5d-vQl0AabCgFAiKQkri_O3taMvQLDIWRu9X0sJeUuAOD5TanFzxrj-Zu1TbFIy3FzGth13UiLqSrJjHMYknTmg0hywiP8Jzm1wQs_tFzxCv0Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2OTQ3MDI0LDEzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zYW5rZXltYXRpYy5jb20vIixudWxsLFtbOCwiaWpWZHQzc2YxdHMiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ijVdt3sf1ts.es5.O/am=ggE/d=1/rs=AJlcJMxsr1VCOucfiMRXXY9yKWlqgBuGYw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

182145543b77859db848e021ec31d19d08d81b8c71c9a1481eb6df284a16e75b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-teH88bQIKPtHRUhfK7nK9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-teH88bQIKPtHRUhfK7nK9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7284 0
16 B 82ms
82ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUrZzvL0UDHfENW8bNyq11tN0y-EWf4wI3K-aPgpH71SpkzaAjMpvvf_VddgEderRZOVJgzXojEwR8MWnydGAxIR_ZNHQ

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:10:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame D229 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:43:16 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame D229 7 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:54:14 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D229 0
0 175ms
75ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstT51a8kbJjY4Hwj6C26jzWNd3d9kQjawRLsYzfixrfTRoiAiSrbbjwAd8BJ1EGosKWH_KRF49za4U666ja9YUBEVQ3XVXcMIo99dkwHEGBogWioU-ZasDieEXV1O9ZXFFJdLx3gt0izljGnxvaHEctRrbkO1IgYjyq1tGynsZrGsH3zKV4TwgSFYpNVK9zEtEeO056p3GKq3-8SOWVu3y4AqYjPAzwlVYBk91m9NBhIahSjGRYQKvIQ4SEmoxklkZ4Hv4I2Xu91qn9CfMKvUGogtJSSfX18l88qABpCjM9s-oWNTJT3nqpUoIG7RKwFRoKIMaiqs6p5tY-sjObGlTIf9y8iUcWkXOs-cUlF_f3DOYhf9M4gADNc85hgreDEzF8A1fZBTQTQzBGC4TGL5yREoezWTU5B98TTXjLZQ1Y47WWtMFfoYb44kxbvKzDeMiQZoISjvmSIBMxH5SuPFf__INp5mhH0LlNhI2qi25BNL3HJcC_yDpPRYqUIaavbUU7sbsxzt36keN-cNAcp4SiKYOrYbSx2W8iSzXuHwCegNMxmozSyzuUCQyU4K2RavVzxqmpqRVpDIp7iInz6U4o0fo-9R15TG4DL0oYKg4QCggGKZva40oSBd0czluGqxK3G3jqD0pyf-ajIY91FSqohbP2JuUuUIR7D9kvfx_r-JBf_5XLg0wy4LS9QSevTDgZ96Gp-QeYwbj2SlavPDeWjT1LWckVVtxgUwyMZnJybi5zWox_L3KvK6vhyk3jLbQQGNvlHooL117LsZ46QmNazY3GPVHgvycn3wxlT8bTvcDu9KRPPjuwuAaMCdk3PXIQdEB6JbinGCj-EUXM_jXou7ON1zMuy92rzebtdJ4Fmzs63chLatif-SdkiHMMqkiWOEhprQtl_noI-gKU-5zS8ysidqUg8GPQcyS9UUVOwJZaEj_fSuQNqpa-0nUSNI0JZsXcCsca6GFSHIEnyr1IMvxJLvHXDQvZzKieIHGBBT40ifrguqjHcXOOKdVBD6KDA0us9KvBHEqIP_H48FZpsa6aAKDaJPeuwOI0awjE4_frCYxfvwJTrfhZ8fdRXSntduD5anLqM3b8LCW9Z74YeSYL4wORk-RFDmLY2CylCmZnYqucFyYWFWV8L8u3rjUxcjSzRtxDXh6bsN_ydWoYe1YbPuNPIIUStE_2G6r54tP6XxaQgeTxtp6tlIjE1Z8Sp66HCu1F0NdUXIL4zJ82LiWxz5eMSvkG4SUyIqg&sai=AMfl-YT4tKgYLurF4Q29MKMZDBnxPNtig0_aU0BF1YWAuMuxXO8pm9np8SlJCD6PIfUqM6GKREd6vHcm4lq5rqy4fvvxIfl2Oyyz-gNhGAI9thegAyvObv0euIpa0yc97RIOs7wNl9y8S_ahVE-M89Fu7i0tYPHfkBth3HXP3OKPNeCPqW_immWHBFdasbmUO5p-Y9PoeK6LhYawxTcAnXvThVLNV8o_XQDEXRecZ7OKqaOeC1Utso62LFZHn6t_cobVosmAnUDpqFV4UTzzygpantpSeWi0evCfIhAg5hVU5Ypgehbp8bDVnOpMwobpy1_n0rInCL3SI9T96XXWJERjnU89SyJyHJhjHI1GvRu4T8EspyaYMwuI2NdXqs0z5vaYh2VNeiuK1Zex9KgniYAbGFK23qzROcGh6KmDbdJS-NK78WT7QKRhkZNpssatoQ11KGfeqXjz5dk6ddFTaFi43BsByfq5xPxvXiEhaZ2Wy599cQk&sig=Cg0ArKJSzP1Q7zy-fLfFEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20231004.54755&arae=0&ftch=1&adurl=

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Oct 2023 14:10:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D229 41 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D229 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:13:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D229 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D229 187 KB
59 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 14:10:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D229 42 B
63 B 70ms
70ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsNMmTTWBODxA61spgRXtzjAag5XEWK5xAD7aUph40mD92W9FnaLLr6wjBKpThyvKRMtp1yXRnuTsMegDUSkn6nS68cMEJm_ltm4Dn3tc1PD4BXcc

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 14:10:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9107379330298137186
s0.2mdn.net/simgad/ Frame D229 16 KB
16 KB 123ms
31ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:45:11 GMT
x-content-type-options: nosniff
age: 465913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16210
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 14:41:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 04:45:11 GMT

POST
H3 204 AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 87ms
40ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cs4j1_47EZeKWz68779TaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-Cs4j1_47EZeKWz68779TaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sankeymatic.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXK-7ZV9VnvDk38pOkZenp0jLEU7l9Wi0npquxC8WazIhXKRAiheFxVHIDWutKFWcrLWxwGprOjkIuV9tZj1IcqV6PyIqPNVObzu8k-FPZARV1a2hgzraLqX4805IHQaFMUOTKsoQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 84ms
80ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXK-7ZV9VnvDk38pOkZenp0jLEU7l9Wi0npquxC8WazIhXKRAiheFxVHIDWutKFWcrLWxwGprOjkIuV9tZj1IcqV6PyIqPNVObzu8k-FPZARV1a2hgzraLqX4805IHQaFMUOTKsoQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2OTQ3MDI0LDMwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9zYW5rZXltYXRpYy5jb20vIixudWxsLFtbOCwiaWpWZHQzc2YxdHMiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d188bf1bf4775cc23537f4302986303cd228ad488255523ff1cf672ae3cfb79

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sy0oXJeL5UJfC7zp7nudEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-sy0oXJeL5UJfC7zp7nudEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 86E0 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 433252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D229 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e79048744eb8ec4e7654dd4cbc030b5d222630bbe2f6c1decc93b1f76e7ac99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D229 0
0 63ms
62ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstT51a8kbJjY4Hwj6C26jzWNd3d9kQjawRLsYzfixrfTRoiAiSrbbjwAd8BJ1EGosKWH_KRF49za4U666ja9YUBEVQ3XVXcMIo99dkwHEGBogWioU-ZasDieEXV1O9ZXFFJdLx3gt0izljGnxvaHEctRrbkO1IgYjyq1tGynsZrGsH3zKV4TwgSFYpNVK9zEtEeO056p3GKq3-8SOWVu3y4AqYjPAzwlVYBk91m9NBhIahSjGRYQKvIQ4SEmoxklkZ4Hv4I2Xu91qn9CfMKvUGogtJSSfX18l88qABpCjM9s-oWNTJT3nqpUoIG7RKwFRoKIMaiqs6p5tY-sjObGlTIf9y8iUcWkXOs-cUlF_f3DOYhf9M4gADNc85hgreDEzF8A1fZBTQTQzBGC4TGL5yREoezWTU5B98TTXjLZQ1Y47WWtMFfoYb44kxbvKzDeMiQZoISjvmSIBMxH5SuPFf__INp5mhH0LlNhI2qi25BNL3HJcC_yDpPRYqUIaavbUU7sbsxzt36keN-cNAcp4SiKYOrYbSx2W8iSzXuHwCegNMxmozSyzuUCQyU4K2RavVzxqmpqRVpDIp7iInz6U4o0fo-9R15TG4DL0oYKg4QCggGKZva40oSBd0czluGqxK3G3jqD0pyf-ajIY91FSqohbP2JuUuUIR7D9kvfx_r-JBf_5XLg0wy4LS9QSevTDgZ96Gp-QeYwbj2SlavPDeWjT1LWckVVtxgUwyMZnJybi5zWox_L3KvK6vhyk3jLbQQGNvlHooL117LsZ46QmNazY3GPVHgvycn3wxlT8bTvcDu9KRPPjuwuAaMCdk3PXIQdEB6JbinGCj-EUXM_jXou7ON1zMuy92rzebtdJ4Fmzs63chLatif-SdkiHMMqkiWOEhprQtl_noI-gKU-5zS8ysidqUg8GPQcyS9UUVOwJZaEj_fSuQNqpa-0nUSNI0JZsXcCsca6GFSHIEnyr1IMvxJLvHXDQvZzKieIHGBBT40ifrguqjHcXOOKdVBD6KDA0us9KvBHEqIP_H48FZpsa6aAKDaJPeuwOI0awjE4_frCYxfvwJTrfhZ8fdRXSntduD5anLqM3b8LCW9Z74YeSYL4wORk-RFDmLY2CylCmZnYqucFyYWFWV8L8u3rjUxcjSzRtxDXh6bsN_ydWoYe1YbPuNPIIUStE_2G6r54tP6XxaQgeTxtp6tlIjE1Z8Sp66HCu1F0NdUXIL4zJ82LiWxz5eMSvkG4SUyIqg&sai=AMfl-YT4tKgYLurF4Q29MKMZDBnxPNtig0_aU0BF1YWAuMuxXO8pm9np8SlJCD6PIfUqM6GKREd6vHcm4lq5rqy4fvvxIfl2Oyyz-gNhGAI9thegAyvObv0euIpa0yc97RIOs7wNl9y8S_ahVE-M89Fu7i0tYPHfkBth3HXP3OKPNeCPqW_immWHBFdasbmUO5p-Y9PoeK6LhYawxTcAnXvThVLNV8o_XQDEXRecZ7OKqaOeC1Utso62LFZHn6t_cobVosmAnUDpqFV4UTzzygpantpSeWi0evCfIhAg5hVU5Ypgehbp8bDVnOpMwobpy1_n0rInCL3SI9T96XXWJERjnU89SyJyHJhjHI1GvRu4T8EspyaYMwuI2NdXqs0z5vaYh2VNeiuK1Zex9KgniYAbGFK23qzROcGh6KmDbdJS-NK78WT7QKRhkZNpssatoQ11KGfeqXjz5dk6ddFTaFi43BsByfq5xPxvXiEhaZ2Wy599cQk&sig=Cg0ArKJSzP1Q7zy-fLfFEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=170&dett=2&cstd=0&cisv=r20231004.54755&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: sankeymatic.com
URL: https://sankeymatic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 74ms
73ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8e34d9beff25cea85a5e14f613c163579a3e034ecbce2a2999d6665844a214c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12293
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 86E0 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 448679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:10:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC1E 13 KB
5 KB 25ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 13:40:09 GMT
expires: Wed, 09 Oct 2024 13:40:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8249 829 B
1 KB 88ms
30ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ffcc921bd1f2de2973c91508fc351100674f935ef02eaf7bdb9c30c138c1568

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rZExTj8Zfny7lseOTLTcgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sankeymatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rZExTj8Zfny7lseOTLTcgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:10:24 GMT
expires: Tue, 10 Oct 2023 14:10:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86E0 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0b8zTlslZeHNNOqPiM0Pqsqb2AUAAAAAOAHgBAI&bg=!dHeldzjNAAYMG8UMLBs7ADQBe5WfODKzYUDaMNRGNfj9NFmiwgaYxN6itUCJc5x57-Apf0aizKyFtgOebWDwG9lwUxhWAgAAAKRSAAAAGGgBBwoADG5m1rx5qQwbKe-u5pkDAaHqpYQVw7mqU2tzGPXzgoAwS9sAhunBEsFkWJ1G9XvMkfv1PwFd3cVO_L11YKb1VQX1DzMac_Ks5o9J_kj9hXZ75o1A0PwqUEytuMXYc38oL0myq8yn4v1VhUFvCj4VwLvkk-kJHbA75SPYvC15C-NNLCvdXJLL71Lf1fNiyNEnI5yvy4immvjkhj451Y3ZltmKaaCZ-5RovIYrvvwHe_Ok7OjhuihQK3OxJ3YgJS8rwyertEswRwT7YHjVgJcbihoh-c4_N6aXQXPONGkdXNv_2yL8iVxoewjf6f0xAjOlNgw_iBet3lxgTd8sfIvn7iooe8oO0uWRAupzO6onCtlX-JXQenuoFXadRZ-54byKuX3wnMS7YZXGte_i6bZhdKdEqW14GfMT0n1FZjS4EYiKv8kgi3rS-coPY72ChqkCkFw10ZV4l16I-8gaIDscInaE4I2nOHewqKRGQ0t2uFSpEUbM92IoQiATrwqFvihKbnoKlcbApKBa45oiLS0iCqvC7M8J5S-bnCwOca39bUwy-BB2BTGKYQ0PH3ksm-0z9BfFiJkXIDu5W0IjpuVYmOgYWIkLvDy23dm4qNTQXS3krxHg0FmK_TPIgb6UzOMH08MNZ3h9sRYd8o8TKT5_30D7tk5kA3gmLQPEq491-95f6rXNO6wBdhCxRFPuB_bP2khDVB-MwPFE5OC-0aB-ujf2nV18R2wLSybx15nUOpOlP6M2_UKQsx9dD9gEnta4e6_qHIGaSilDNbHd_2RMXPCx3zo0mZpVp4DaRbJqLpzwqhWzE1-8UIgCQYiPy0hmAjFDlu5gJXOPOCX3bXKGzUT9JLyUik40uiz1-cKiYhxjsOUAIcfzkeXUiHoqzJCaztn11j10ykozkE8dHWqsQSjaALFKGLfMbr5mq3-BMGDKOGKo1ymugVzVDmxddkO6HL5nqrPEs53BD70nQWdsoMazjxXHtJNgZC_7ab4TtjO-6IJC-_K0JE1p519n9d2xHtPqFbIQOJ2qzfxVYQCgF9Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 14:10:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame CC1E 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 12:13:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8249 0
0 55ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1313250138574095&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC1E 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bxdXtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1313250138574095&bg=!qKulq-TNAAbjlzx0w5c7ADQBe5WfOERYopzUHV9J3Th6mCW63_ApuGVnD4N58IpspsfYsC8FlyzxhkLr6GksOuD6O-VhAgAAAJNSAAAACmgBB5kCwrkXtvd7fLXXGeIMIGYAwV8dCmj8LxfJuEsb66izY_y40eECEtP1Qd4IntQyqYf9y6N1aqyQA_hp6-mCjeE_-WDfBYY6KTU97A-i8_JHF_TQPRyNnO1KXK19jUVRiKM5EtPdJBIJxpOcBNXRMlaxMqyg-XK08CdZLTk6sKMe1z9K9fiV-94u0xqgZwn3aqE4szFLHS5hLcsyfRk5sHWE6gdPJEjiqmEqosZiy5730Q72s1RwyVFA6r0s0m4incC4cW-2m7Xkcu4-d_ZimtwYl1haw4sY-ujJTvNkVbwe5Jau5IDR_3Uy31HwocLMNdL0QFIcHLT7Nb9VL_kHq8V-XTDLrQmsF2I_TkWuP9IVH4CdbIsFf9U_oKofW3NH8bJce9ycA_t8bRxugTMBM0uRXhiXopWSSf3eSiTjRD-qft6FiIEOZS65AHdkPQxE279m1Bq2j_PkuPzEDvQcRDP4FJJCEQ9ysX1pYJbNat9VVSjR9IYLfbXOibtHMIM8UsopwWWV-Q_wZ-o4dq4VDWsOCUdOjnZsKEbXNev6TEUzua9wqK1mWhwVYAO0A-Dgm9EGqX_qti1c9O8rSuYqVPySYAD2pssvhn5v521hQa3CdFMp9D3R83AAvfmRnCBkpdgMAdx1uXI2E3-dkjQMxL-SsQNXFifFep0LPKFX5fqVAFevBD3VLSnunMBJ1JSvGbpQvNvswJMRA5bJ3hzY3VTX_thOHARrp5EpzoZ2tU9BdMvGtRlAuqCtMxMf2wSiMfKT_l3vwALESrRdX5s2Zt-Ds2xtZ5REOV11rGcpNzzAqwkqXtF65CDEu0TQbhnzNedPaLNIIPD6eTg37Hf5Viuu_-jcR05h99s7Ba1r_XzraU30BPw2xT1EjuKnGIslJt8g5xLPJstse7TZhCpaIcxRwTvRu6LfA2b5AsDig3Z21yTu6uc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D229 42 B
64 B 129ms
129ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4j6ChdlgsOFjQh3wUg2m9C6xMgHCdyBWyyp3loIiTSsav3FEbTVE7jAsbimlY0LmHrDLOZPMlsbV8eXBOI1E-CZR3vc6xxyWnX3elDrqXc88OzSnuRslMF5c0kgShmrxEl-cyD79uthsy&sai=AMfl-YSGjOc-VeP7xZ0X9IXZ7LLUJA-vN_JdexIsToYr9sGuKyU8-LCWhBZTy3rL1PlxGHeVjCt2h6Socw19yeCXH3_DlIAAhxq_laK-jJM_80dD-Lu3NjhPjA9_3Wz6CVCfQbnbytdxnCmAaEZYuQ&sig=Cg0ArKJSzLtSImT30ZmlEAE&cid=CAQSTADICaaNianfeFjrWa32Y104wysf5Qsj2iuU0LaxsivGfXb9-kwypI4rwD0UUxB3m-v1ixcx2lu9YDJeqcrab55whzulmCvSXGI4_ScYAQ&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=331,808,1001,1001,1001&tos=331,477,193,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696947024199&rpt=206&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 14:10:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 38ms
38ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.337175228199079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y99D3P1ktm7HB86zLBzcqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-y99D3P1ktm7HB86zLBzcqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 44ms
44ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.0832623530289784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6H_VKVDSepPw2nrLVUxw4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-6H_VKVDSepPw2nrLVUxw4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
34ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pdeODj7PM7JH1UR0PY2pDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 14:10:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-pdeODj7PM7JH1UR0PY2pDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sankeymatic.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 leaderboard Show response
fundingchoicesmessages.google.com/f/AGSKWxWW9f9biOeWfiFWmntqnJocHZ7vHYxj5aACW2A-xMoL9XMu-QeCUE3x3aY-Zw7gAtYWLqx4xZuqIudca1k9qMasqL0C6_sHPD5g2NJIPLget6P2wjY-h9NZtTM5f_ltZ16TH-VXtuX3mesgs7cDkWRFL6j8S... 54 B
109 B 36ms
35ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWW9f9biOeWfiFWmntqnJocHZ7vHYxj5aACW2A-xMoL9XMu-QeCUE3x3aY-Zw7gAtYWLqx4xZuqIudca1k9qMasqL0C6_sHPD5g2NJIPLget6P2wjY-h9NZtTM5f_ltZ16TH-VXtuX3mesgs7cDkWRFL6j8SIfuZc5eyjpHJdS7HXrHfSExsbxFG91L/_/vnads./ads/leaderboard-_adlog.-ads/videoblaster//ads/leaderboard?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ijVdt3sf1ts.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMyOha332GaUQAyltJTof-mFfmmeNA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0768b9568253b17d989bbac9a8ec627eaf3f5e7db0360cf3acde93dd61e3abb2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--k_h8VWsGtQq5PA99V-oNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--k_h8VWsGtQq5PA99V-oNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 11:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 11:27:51 GMT

POST
H3 204 AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 41ms
40ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VcYoLelpGpgbqpD2OC9-Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 14:10:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-VcYoLelpGpgbqpD2OC9-Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sankeymatic.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
33ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BtUO4_irW1vD2g7uk3d_5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 14:10:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BtUO4_irW1vD2g7uk3d_5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sankeymatic.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
37ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nWAwfzblEC-D6r4G7D_87A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 14:10:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nWAwfzblEC-D6r4G7D_87A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sankeymatic.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
37ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUQCB_Ti7rCjpFvu7SoOdjpa6mg91E-rrvlm7Hx9vsfuug4lQkU52zTBIAeDIwuJOzr2O4GS6x62FSEWrAEhhPy-jXF97LCWMUaNw8qZfJ-ca7f9Qr5lbQv882zMSGxSMm_qwHlOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KRAPUc616JyCmjqWvgsrUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 14:10:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KRAPUc616JyCmjqWvgsrUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sankeymatic.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUMR0L5BJaPoDtnf7mXQD1JUh-nMIqkSWtpV7Pk3zMAM65x4atUC9uAznd_22G6kHN43HDnnGxF-a9zD0jft2XgP59SG5_sDEaHL7qWX53-4bWNlUpRs76lVd9jvXQWrezQPuKp1A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUMR0L5BJaPoDtnf7mXQD1JUh-nMIqkSWtpV7Pk3zMAM65x4atUC9uAznd_22G6kHN43HDnnGxF-a9zD0jft2XgP59SG5_sDEaHL7qWX53-4bWNlUpRs76lVd9jvXQWrezQPuKp1A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2OTQ3MDI2LDExMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc2Fua2V5bWF0aWMuY29tLyIsbnVsbCxbWzgsImlqVmR0M3NmMXRzIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f92fea19c2b5d7ec9002222c77f63d1e524693b6eb4f61f5f5d8c4e07915a4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AphRc34keQJ_7REBrdhTyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sankeymatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:10:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-AphRc34keQJ_7REBrdhTyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW8lnaRz56wC1INYHnF9RMADA8Asj9nQXyYIMxFDn_-GN9sXL4yxijpzNbfegbYM2yZz583zzoGmPrjiM90gafehkgkbaUt1V_sMOVOPonDwXxFK3nTq6sC-5ofIMZVbP7iDng5Bw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
36ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW8lnaRz56wC1INYHnF9RMADA8Asj9nQXyYIMxFDn_-GN9sXL4yxijpzNbfegbYM2yZz583zzoGmPrjiM90gafehkgkbaUt1V_sMOVOPonDwXxFK3nTq6sC-5ofIMZVbP7iDng5Bw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KoxKAqxwufc22kFLuxuOMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sankeymatic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 14:10:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KoxKAqxwufc22kFLuxuOMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sankeymatic.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sankeymatic.com/	1970-01-21 00:44:03	Name: __gads Value: ID=727a17f27d31ba59:T=1696947022:RT=1696947022:S=ALNI_MbdZ2jgJud3Cr0HWPrBc6XAsF88yg
.sankeymatic.com/	1970-01-21 00:44:03	Name: __gpi Value: UID=00000c9478306900:T=1696947022:RT=1696947022:S=ALNI_MZPeIHVAdmo8fZpv-hHCBlTeTl0mw
.doubleclick.net/	1970-01-21 00:44:03	Name: IDE Value: AHWqTUkGXdEuOC5CX6nQBe_r70_PZ04lLlJ7nJA081XG0s-Q527FHYU0keyJ61qA3Nw
.googleadservices.com/	1970-01-20 17:32:03	Name: ar_debug Value: 1
.sankeymatic.com/	1970-01-21 00:08:03	Name: FCNEC Value: %5B%5B%22AKsRol-8LHSEAbefBHsIecMfsaPi3nvWzMKjoWacCapetHKjUusnDYnLs4l-dEMpVC0B1ocXyhMl7EzBtsUwCWGJ76fCzW9GvyE5snOfCN-0mdT-NjQzwVzA3aFKg7kbfdgnnjj8WeqH0c08jDai7S7ahC9ecn-aZw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
sankeymatic.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.186.162
209.197.127.46
216.58.212.130
2a00:1450:4001:803::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0768b9568253b17d989bbac9a8ec627eaf3f5e7db0360cf3acde93dd61e3abb2
0ddc48bddb87b390c79ec54981676891864d5212650f67480dde9f765de67ee8
0ed13a3789211ae9fc35c8d18ef43a29789132a72f4303b2dcb6120f59abe442
110e5715be4125e6ed79c7de07c170eba7fdc2a7f95efabe2fc19a889f685006
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7
182145543b77859db848e021ec31d19d08d81b8c71c9a1481eb6df284a16e75b
1d188bf1bf4775cc23537f4302986303cd228ad488255523ff1cf672ae3cfb79
2c061951b85e21e5a02f3137a64677abbf97b2812a5ad55ec193f782e5c1d2d8
2c7034fb2c03708e1ea2be0cfce5d38a1a9dfa13c0824921ba5a0fdc5d5d075e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edd6490f30dc06dd972d7b58fb25909918cb1e179c07c3c413f200bb971e0aa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
398adbf6d0fe17e7593c10b90e94aa96195827ff0c66f1102c67fd24fe79e20f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
416906888024e87bf05f9a41c49d229fb14f75d96a9e0e0fcd038e1fbe09ec40
42f4305be7d19c0e30cf0c66277538d8685121275dcd1d207f03d77c99607764
43b8c706430d5f829d7aba62cdcb1b57dc997f3abb40e4b4456616b831baea57
477031ee2383d0fa91e4d46c7d1777aab2cf251335f990c40fc741fc5a69c040
48678df5f6146419a9d3dd2d4a908100b46763a9ca7edd4421fdc30e6bebca5e
4ffcc921bd1f2de2973c91508fc351100674f935ef02eaf7bdb9c30c138c1568
502a731b0a29a2d00d052d498556655bcf647b7fdb5f6b59a20ef43c71d8c644
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5dc87c08f0c8993d9bebf9ed80780d82b1ca46578cd3b44e39855f84aae4a119
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
71d76c14bcd5e216e37d7f76e5f5b0e862fdc9a819ec3afbfe4973016a30f601
7963b7713b3d84c61303b21de7bbb1ccc7614391b010f870d0049b8088163e39
7e862f7a0c73f148d3b108034c60fa6e05520b4b286bf90323b609b85ebc5074
8e79048744eb8ec4e7654dd4cbc030b5d222630bbe2f6c1decc93b1f76e7ac99
9207329618d66a0d9d0a988e9c3f95d1467a08394b26b70246cbdce8b31d816f
9f92fea19c2b5d7ec9002222c77f63d1e524693b6eb4f61f5f5d8c4e07915a4d
9fba643085e2be90864cb430346e4fccd9c28e52cd5317f9ae397f93fecf547a
a17b4b98116ac8a7dfd7df75b2dfe1b5e473c4f6408a61e99bb9ff4df6793f5d
a587a4332969983dd5e4f7e6b120ffe44f5d1a3cc81e88bafa7aa7156b5b08ba
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
ac0432acb63380486ede98dbfe6c038378145738f3c3f0e14435e5a67e32b9cc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b436df34020bc978f7d58c824c272395764df56633d2c66d3d907363b7550891
b8e34d9beff25cea85a5e14f613c163579a3e034ecbce2a2999d6665844a214c
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7c1e066a7ea8ccff2916e158c9e6c40930d96836f41b79a1a9b499b2ca1d2e7
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0cbb97e2188d327c3f301bcb207685073aac0b3b53dae8b66e9ea37f4fd7a08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f6bab015dd440637c1e5887e3aed324930f51182a866f1525f20f9bcbcf328
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

sankeymatic.com Open in urlscan Pro 209.197.127.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

77 %IPv6

9 Domains

14 Subdomains

14 IPs

2 Countries

1255 kBTransfer

2461 kBSize

5 Cookies

7 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sankeymatic.com Open in urlscan Pro
209.197.127.46 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

77 %
IPv6

9
Domains

14
Subdomains

14
IPs

2
Countries

1255 kB
Transfer

2461 kB
Size

5
Cookies

76 HTTP transactions
2 data transactions