winterolympicspass.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://olympics2021info.com/
Effective URL:
https://winterolympicspass.com/
Submission Tags: phishingrod
Submission: On September 07 via api (September 7th 2023, 6:15:23 pm UTC) from DE — Scanned from DE

Summary HTTP 121 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 8 countries across 20 domains to perform 121 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is winterolympicspass.com.
TLS certificate: Issued by E1 on August 31st 2023. Valid for: 3 months.

This is the only time winterolympicspass.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:6f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4 13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1 4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 13	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 3	52.28.44.182 52.28.44.182	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:4651:7745:94d9:24ca	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:46cb:fe9c:ee4b:82b9	16509 (AMAZON-02) (AMAZON-02)
121	17

1 2606:4700:3036::6815:6f2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

olympics2021info.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

winterolympicspass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.44.182 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-44-182.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:4651:7745:94d9:24ca (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:46cb:fe9c:ee4b:82b9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	519 KB
26	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259	210 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	234 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180 www.googleadservices.com — Cisco Umbrella Rank: 156	611 B
7	winterolympicspass.com winterolympicspass.com	289 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	6 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	283 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 991 r.turn.com — Cisco Umbrella Rank: 4368	2 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	815 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 660	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1052	3 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490	1 KB
2	seadform.net track.seadform.net — Cisco Umbrella Rank: 91049	853 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2053	297 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 41280	647 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3462	104 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 633	363 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 935	713 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	542 B
1	olympics2021info.com 1 redirects olympics2021info.com	557 B
121	20

	Domain	Requested by
31	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	winterolympicspass.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	cm.g.doubleclick.net	2 redirects winterolympicspass.com googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	www.gstatic.com	googleads.g.doubleclick.net
8	www.googleadservices.com	winterolympicspass.com
7	winterolympicspass.com	winterolympicspass.com
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	c1.adform.net	3 redirects
3	pm.w55c.net	3 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	r.turn.com	winterolympicspass.com googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	track.seadform.net	winterolympicspass.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	olympics2021info.com	1 redirects
121	25

This site contains links to these domains. Also see Links.

Domain
worldcuppass.com
paulvsfury.com
www.oscarstime.com
www.sportspromedia.com
www.fubo.tv
themeisle.com
wordpress.org

Subject Issuer	Validity	Valid
winterolympicspass.com E1	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://winterolympicspass.com/
Frame ID: 1748160E455E2E3A95F9878858BA9852
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 95ACB503F6B6AFFD56F59213EEBF7377
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&adk=3105533540&adf=2621220088&lmt=1694103318&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110518480&bpp=29&bdt=198&idt=467&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2894653406843&frm=20&pv=2&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=494
Frame ID: EA4AA727690CC58C66E0B51C9209F396
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=1483442758&adf=2713021026&pi=t.aa~a.356315161~rp.1&w=1120&fwrn=4&fwrnh=100&lmt=1694103318&rafmt=1&to=qs&pwprc=7073931503&format=1120x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110518509&bpp=2&bdt=228&idt=470&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=476
Frame ID: 0386B5BE27B17E38C9CAF30C9631D85C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Frame ID: 6541EB04227F2E4196FC58A45722062B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=2933007315&pi=t.aa~a.3914302165~i.25~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2312&idt=1&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280%2C789x280&nras=4&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19
Frame ID: C30898AC8614255FCBAE7CE484888B07
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 2655224E566B28F58731009CF9DE8BC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: 88E74B72EA60F23D0F3247F41DEC873F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: F9C20C1D9C3462B2BFD125E333A661D7
Requests: 14 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019
Frame ID: C59799EA87045F1A681351D0FF4539E3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C3440F86512F5D8902C64C59D280DF82
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 61575DFAE8C21E9F3460D7EB38363340
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 60DFE66670C43419736DE8423698F170
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 506DE918E17D44B573A0CFD736BCD26F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: A346F4AC082C89CA0DA0675808C7EE9D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 605B8FECD4AA309105632411510CD3F7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 77D1309FB5D6621D4B888CEDF9221993
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27EACBC3BB3D999B408B071A560A2CF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61E9F926054AB2CB7D9A20FDDF97FA55
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winter Olympics 2022: Live Stream, Schedule, TV Channel, Watch Online

Page URL History Show full URLs

https://olympics2021info.com/ HTTP 301
https://winterolympicspass.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

121
Requests

88 %
HTTPS

61 %
IPv6

20
Domains

25
Subdomains

17
IPs

8
Countries

1544 kB
Transfer

3863 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://worldcuppass.com/schedule/
Title: FIFA world cup fixtures 2023

Search URL Search Domain Scan URL

URL: https://paulvsfury.com/
Title: Paul vs Fury time

Search URL Search Domain Scan URL

URL: https://www.oscarstime.com/
Title: Oscars live stream free

Search URL Search Domain Scan URL

URL: https://www.sportspromedia.com/news/nbc-usa-networks-sports-coverage-2022-premier-league-nascar-winter-olympics/
Title: NBC

Search URL Search Domain Scan URL

URL: https://www.fubo.tv/lp/cordcutter/?irad=565996&irmp=413786
Title: 7-Day Free Trial service

Search URL Search Domain Scan URL

URL: https://themeisle.com/themes/neve/
Title: Neve

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://olympics2021info.com/ HTTP 301
https://winterolympicspass.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://googleads.g.doubleclick.net/pagead/adview?ai=C_LbCNxP6ZJZWg7H7BtSCvXC2zYLdcendw9DQEbXOmrONDhABIMfDsyNglYKAgKwHoAHvieLdA8gBCakCPoI-J8vxsT6oAwHIA8sEqgTeAU_QXBoqKKsPcOgo_f8OGx2Etsv5XQHMEu1e5PLRVFlFLehwljsX8n_auTvimFk9NZi6Jhxc7ceNaaGnZB_sHuaN-5oCnanLNDaPRP0E1d0bQltdpGh3ivacK4WyVwqpSmbX_V1S7rrt1twMn0fokGkz0yaL5WrH-n19XZk7HqquMWRFmGYIzO6AcF7mBlI1yyJhqT6DnhGG0Dqgaesm6TY12we4WU1vtbLDX1hj9BQpumrBIhSreVMGsVKdKhWgNChWDY9kBaVdILUifw7TPmC5koZOh-9TxtAeWr5H-cAEzvac9fUDiAWesJmeIJIFBAgEGAGSBQQIBRgEoAYugAegm6h1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3vhv0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJnAFodHRwczovL3d3dy50ZWxla29tLmRlL21hZ2VudGEtdHYvdGFyaWZlLXVuZC1vcHRpb25lbi9tYWdlbnRhLXR2LW1pdC1pbnRlcm5ldC1mZXN0bmV0ej93dF9tYz1kdHJfdHZtdG10eHhfMjExMTI2Mzo2NTkxMzA3OjU5NzQzOTI3I21hZ2VudGEtdHYtcHJlaXMtdGFiZWxsZW6ACgHICwG4E-QD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTk5NzczMDE4MDExNTU4MzkYAA&sigh=RA5qXu4vmJo&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW17Rz46VF2sCCzbujjZT2prZEpDUJeBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221129638516109148147%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225009931649914679825%22}&andc=true

Request Chain 59

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmu5SNxP6ZMiNBIzUsgfN85aAA7bNgt1x6d3D0NARtc6as40OEAEgx8OzI2CVgoCArAegAe-J4t0DyAEBqQKhWNdLPPWxPqgDAcgDywSqBN4BT9AnXhdLJJOoELwJPcAlD_C_NIEZOraeNwE3HnbPuFlo3kMs03cc__0xi9grbAdX0r0-O2xYqS6R9Vuq2jgO-HC5KnNxcbycjKSd5z9O0M7cAcXCfXbh2pZXEa2lKAeBKVpJtpuV9T00fCf4GTTkQ3wtmK_q007g5iZkPmY_HsnJZtMrh7p_jVUup3Y4XtmuvcEt0bOZrlTvCWFoHNH5lQ3E0dawqNjNeqBozxKqQXaToP8QGcoB_vLdiClV1KAHoM_9m5J6CCWvTeurJ4sIa5AIW5mIL31i6jydwDNnwATO9pz19QOIBZ6wmZ4gkgUECAQYAZIFBAgFGASAB6CbqHWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC86jXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgmcAWh0dHBzOi8vd3d3LnRlbGVrb20uZGUvbWFnZW50YS10di90YXJpZmUtdW5kLW9wdGlvbmVuL21hZ2VudGEtdHYtbWl0LWludGVybmV0LWZlc3RuZXR6P3d0X21jPWR0cl90dm10bXR4eF8yMTExMjYzOjY1OTEzMDc6NTk3NDM5MjcjbWFnZW50YS10di1wcmVpcy10YWJlbGxlboAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05OTc3MzAxODAxMTU1ODM5GAA&sigh=2Uz8EPXSbZQ&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW2gt_QXn9zrz6H9pQrP9o_ZJighFYURgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216521643781769281832%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221967585199116809345%22}&andc=true

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOAMqi2Inbv_Aad6UIfqWaE&google_cver=1&google_push=AXcoOmR5cGLIjGoNIGX-GMsdHZbeYEa1jxKxVAJmQGpqihJjtkQfXwTYcwR6iQiUF1AWRzTlum5W935E1WoRscyaWP_lVFJpeF5Fsg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyNzI2OTA4MTEzNDYzMTkyMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOAMqi2Inbv_Aad6UIfqWaE&google_cver=1

Request Chain 79

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&google_cver=1&google_push=AXcoOmTdEkz0XChKlpglpS_97b0Wns2Qe_digWvzU6BIOHQwotJSR0aWIqrrSeOKVtBT30t8U2Lh4DU4WN7mgElyxtOiANnts6sr HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&google_cver=1&google_push=AXcoOmTdEkz0XChKlpglpS_97b0Wns2Qe_digWvzU6BIOHQwotJSR0aWIqrrSeOKVtBT30t8U2Lh4DU4WN7mgElyxtOiANnts6sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&google_cver=1&google_push=AXcoOmTdEkz0XChKlpglpS_97b0Wns2Qe_digWvzU6BIOHQwotJSR0aWIqrrSeOKVtBT30t8U2Lh4DU4WN7mgElyxtOiANnts6sr

Request Chain 80

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEDZzslk-y8JieCBBw0CrFw&google_cver=1&google_push=AXcoOmQIDOhBxNhUrnYV-ODWCPV83w7Q0-e9Q_GTbKkGZht5yaupdsBj4dOat4FSb9aJrHiNkspyoW5eBvhGsUhoruv3V-EdInMgsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEDZzslk-y8JieCBBw0CrFw&google_push=AXcoOmQIDOhBxNhUrnYV-ODWCPV83w7Q0-e9Q_GTbKkGZht5yaupdsBj4dOat4FSb9aJrHiNkspyoW5eBvhGsUhoruv3V-EdInMgsA

Request Chain 81

https://um.simpli.fi/gp_match?google_gid=CAESECGHM1ldNRM-lkuQmi1ghao&google_cver=1&google_push=AXcoOmR-AeLVUOCt62KTx08HEVz4Vv-XZCnHZKjZ82mc13kCwydSgkVQYgsznvTtsX9ooTlEU8g_7ASeJt3weRy8jva1fRuTsJu5gQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B99883A5E72495BB329742118FF9209&google_push=AXcoOmR-AeLVUOCt62KTx08HEVz4Vv-XZCnHZKjZ82mc13kCwydSgkVQYgsznvTtsX9ooTlEU8g_7ASeJt3weRy8jva1fRuTsJu5gQ

Request Chain 82

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELU8hd6ecONfLh-SV-taxaU&google_cver=1&google_push=AXcoOmSsatrvWSifp4YaovZL6cl_R8hXsdqXZhbWZBj2J3owvXZpVVQQcXrYUax_KOgjTfJHdcJbWJFNIPafGXJsTluwAmSvJjcYqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSsatrvWSifp4YaovZL6cl_R8hXsdqXZhbWZBj2J3owvXZpVVQQcXrYUax_KOgjTfJHdcJbWJFNIPafGXJsTluwAmSvJjcYqw&google_hm=eS03MnhGWkFWRTJwSHlUN1A2SEZvMjZvMVB6UWJlMWxOan5B

Request Chain 83

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHcQxbwddB4FlnV6HbLWaic&google_cver=1&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3LQXKc22wnh73yruVyEHo5-wyPz HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHcQxbwddB4FlnV6HbLWaic&google_cver=1&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3LQXKc22wnh73yruVyEHo5-wyPz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3LQXKc22wnh73yruVyEHo5-wyPz

Request Chain 86

https://googleads.g.doubleclick.net/pagead/adview?ai=C0in-OBP6ZKaGJ9iP2fcP1fOJYIeejehy5O31j5gS5v-c5N0_EAEgx8OzI2CVgoCArAegAa3Ei8cpyAEJqQI-gj4ny_GxPqgDAcgDywSqBNsBT9A8pF5eINGiFr3NZCyA1MmzCKJIkPZHO1ZhTmjgpDmh5h__frOBqT3CCLdpuUqUbvhEamtF5Ffw0-51sxCnstNexMzBgMc9BlF73uweKTyuwNmPwEnoInYYsH21ilAMWdBR7V1ojX2hjoqwRgq94E8kR7H9XmwuuOj3cKtPPapKzxb2KxdhzZUV9NBLsgcmiVaZu2HFLy2m13e3SbNB39ZqRR2wORYpjojAHJUttrmAkTdTH4Mf-8JyiLFJ2P8P14C0H_u-0_vOCg39OqmCh8J-KuIUUQWrCzY2wATFrc6FqwSIBaH53ZFMkgUECAQYAZIFBAgFGASgBi6AB9yH16gEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5fEa0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJNWh0dHBzOi8vd3d3LmR5bi5zcG9ydC9ha3Rpb24vd2lsbGtvbW1lbj9nY2xzcmM9YXcuZHMmgAoByAsBuBPkA9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi05OTc3MzAxODAxMTU1ODM5GAA&sigh=ELqdlyCdHQI&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWntRy2KsezGmI8G2r6X8u-SSMlWVs1umm_gSc9yrjaEMv3oqSKyMwDHTenMsyXIZakjx1iZTFGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228888488556936859459%22,%22debug_reporting%22:true,%22destination%22:%22https://dyn.sport%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211154940461%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223265911094631059185%22}&andc=true

Request Chain 103

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEinnFA8xd9y83OMYrl3Ayg&google_cver=1&google_push=AXcoOmS_vJvkPq6TmFkWA4GX93iuNQCtOajuV1Ttb0oQNzOlu7YEm3BE0iB9Yrsp6R9avaVte5rvnSBU8W6pGIA3hx-fbENN19fSKwdn4kMaO4VJeRl5do1XMW-1tOQEuyT75mv5hUR-5bgEcaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyNzI2OTA4MTEzNDYzMTkyMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEinnFA8xd9y83OMYrl3Ayg&google_cver=1

Request Chain 105

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJYOEIWOk35D0Ks6CzHzF0&google_cver=1&google_push=AXcoOmTyGSjiCvnmf5N9O6h-cSbpJPHY8IabWK4WZifpFEWAWzwTUH6hSfooxyxhV7Pi788E3lfuQy-9HkzBrM1nF284XFkbinLyTJ44AK8LS2Ms47EOyIuBaDQEO1f-DsMhqMkvuDxkQKumqbE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEMJYOEIWOk35D0Ks6CzHzF0&google_cver=1&google_push=AXcoOmTyGSjiCvnmf5N9O6h-cSbpJPHY8IabWK4WZifpFEWAWzwTUH6hSfooxyxhV7Pi788E3lfuQy-9HkzBrM1nF284XFkbinLyTJ44AK8LS2Ms47EOyIuBaDQEO1f-DsMhqMkvuDxkQKumqbE

Request Chain 106

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHJ4GYAd6NY70IWMQIWXKYE&google_cver=1&google_push=AXcoOmSvgoXROOF0d_9WLDdj-Mcw-FPRF7tQOU31Bso_wgKrR_qbsHziIbFGDNBbEe5JrrVPagV-2vFqLijJBLavaUrr_HFvI_NQlxhwIjBNdll61wSz4OrrLXYHoWKI4tNNtpgn-ExO5imRfiU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSvgoXROOF0d_9WLDdj-Mcw-FPRF7tQOU31Bso_wgKrR_qbsHziIbFGDNBbEe5JrrVPagV-2vFqLijJBLavaUrr_HFvI_NQlxhwIjBNdll61wSz4OrrLXYHoWKI4tNNtpgn-ExO5imRfiU&google_hm=Pp3rJ8o6Tz6P_rdd1APYGBM

Request Chain 107

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPxe8b8J0LL4DD_ZuYUZQWQ&google_cver=1&google_push=AXcoOmSuEaNMmvGZHqQnzivFXajzr-CariWJVuki0GZSOcNVswi5yMY7B8o0GQnI6KcbNr1WQ-YugTXqO9suCkV8qPb-M_wFWb3e_T0JOOR0-NcZcQUvxYBtYdMNHxaRWTCq5W-ZyigD4BSEQbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuEaNMmvGZHqQnzivFXajzr-CariWJVuki0GZSOcNVswi5yMY7B8o0GQnI6KcbNr1WQ-YugTXqO9suCkV8qPb-M_wFWb3e_T0JOOR0-NcZcQUvxYBtYdMNHxaRWTCq5W-ZyigD4BSEQbA&google_hm=eS03MnhGWkFWRTJwSHlUN1A2SEZvMjZvMVB6UWJlMWxOan5B

Request Chain 108

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN_vXszdR_ww1w39wIbIFmA&google_cver=1&google_push=AXcoOmRD-rpGTYbfWP-POSCNkdYf3x7FUhWZiXO-pNpBQt4MgyhQYuHGzOtlfiGCV6TdMe6yFPDlt6zCd5omVc1tl-as-kSfjsQMEnIRr2EU72BRfyVg3ao5FDuSqUrYjCOEawxed8Ysq2dmPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmRD-rpGTYbfWP-POSCNkdYf3x7FUhWZiXO-pNpBQt4MgyhQYuHGzOtlfiGCV6TdMe6yFPDlt6zCd5omVc1tl-as-kSfjsQMEnIRr2EU72BRfyVg3ao5FDuSqUrYjCOEawxed8Ysq2dmPA

Request Chain 113

https://googleads.g.doubleclick.net/pagead/adview?ai=C9L6kOBP6ZN6VJ7yD2fcP87OUwAvsmczrcsPF8Ib5D-ucgLjLHhABIMfDsyNglYKAgKwHoAHBstPbA8gBCakCoVjXSzz1sT6oAwHIA8sEqgTeAU_Qgd-6rAdoZ-ZHW0Zeuts7TdCM72RxjPeYPkGbQgBj647a2fciPXOzckRUjrVaC8lmS6yilxXJBstcOLmrO2geDoOFBFj85khid21CBTMaKdN_ezdFIL2DVs3WXOgUpyPFTuCSUEx1sCgoUyK3sOHfc40VCqmHkOQKCleMDjIFLksHCNmaNs2MuMDT89S3hB3Ai3SaYXFy3N8Eu3-xmsw_ZetADGKbSkC6AJCQCvHWk4rM05fo8D_0XfhmqMF1FRWBojFNhBwzF_tNZ55Mz9tXmnN7fTk5wZsbcsPpoMAEw76wtb0DiAXd68LXK5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeB2OegAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJKFDtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRtodHRwczovL3d3dy5qb3luLmRlL2xpdmUtdHaACgHICwG4E-QD2BMMiBQE0BUBmBYBgBcBshccChoIABIUcHViLTk5NzczMDE4MDExNTU4MzkYAA&sigh=dDKOQ3S5374&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW8yS-zyWBYEIig7XQcF-5Vq3Ra0E6saNJMEvaQv9sSY0X3nIRnCRAm9L0DMYBJ76yzrPX81sRGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229776653492309939245%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997513537%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222622133107674522801%22}&andc=true

121 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
winterolympicspass.com/
Redirect Chain

https://olympics2021info.com/
https://winterolympicspass.com/

86 KB
21 KB

619ms
522ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d3eee1f47887986736f9ad06df250a600fd2e0f93744b4cf17335dd6d87ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8030efb00b1b362a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 18:15:18 GMT
link: <https://winterolympicspass.com/wp-json/>; rel="https://api.w.org/" <https://winterolympicspass.com/wp-json/wp/v2/pages/85>; rel="alternate"; type="application/json" <https://winterolympicspass.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smhk9AbVWGuZYA837zlpRcL1mBL1AeV9EM0nwj7dl1GvhcujCcsVfTCqxUT4oNv02d4XZ0NpncoNEZamL3Y%2FTVU7DmWVZQjSzfFUDJu2iYjLRf9z7aDpLrslgYtd9CUYcW535vLYNoTKC%2FzW%2BrxNXLqmrpH8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8030efadede59968-FRA
content-type: text/html
date: Thu, 07 Sep 2023 18:15:17 GMT
location: https://winterolympicspass.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lfspwK0RarizTottAhOrkSQKJ%2B9v%2FQ7gBvbxrXac5bUYb4AB0P00QqN6JyXVvI%2FJbNc1lYFudSpwl%2BNgLF9njvd9Dh%2BA%2Bpx09%2FOxkFiVNuadbdXi5PMYo1VAQD70CwM54PR8UadnHOo%2B7%2BGJglD7JKwfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
winterolympicspass.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 450ms
449ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winterolympicspass.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jul 2023 20:43:56 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrXxYcUGvY6UpkNiKV5vTPSqymmnFtM2ZwegCBUuXB0DqnlFldgQXOMP5vHHdt3Im6rH4xlbSzJDlVdTNLZLM%2BlX9HeJKyJAiZSlIJyl47HX3eaIY232iBfSbnYCrwNZ%2BlPU7fCOAPqewd2wdNVSzuKjobPb"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8030efb3487e362a-FRA
expires: Thu, 14 Sep 2023 18:15:18 GMT

GET
H2 200 style-main-new.min.css
winterolympicspass.com/wp-content/themes/neve/ 38 KB
9 KB 449ms
448ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winterolympicspass.com/wp-content/themes/neve/style-main-new.min.css?ver=3.6.7

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b105a2caeda0c0b2f6b9954381cca0a19f1428fe84f495fc7ebdf595f7004bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Aug 2023 15:19:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsOxvHT5i9FpvW4irtTkj%2B1CWXr1eyJlrvxLjFlHbWSGxf0Cj7WjJ0V0E3lVetOVA1gt7ZkS1rnXq5Kbz8mHm0a7BPheGGD4DvS5Hr6NjJEXE1TUTyV%2Blh9SHttibS28Inl%2FFd4h7rpeACSB8NG08uImMu6H"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8030efb34881362a-FRA
expires: Thu, 14 Sep 2023 18:15:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 130ms
83ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9977301801155839

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bbbb775be1eb2ea5909c5640f8ee004e5ef9501db47acb5d0fd7fc8e1c48cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Origin: https://winterolympicspass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51005
x-xss-protection: 0
server: cafe
etag: 16032919921365703186
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:18 GMT

GET
H2 200 Winter-Olympics-Pass.png
winterolympicspass.com/wp-content/uploads/2021/11/ 7 KB
7 KB 434ms
434ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winterolympicspass.com/wp-content/uploads/2021/11/Winter-Olympics-Pass.png

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bbaa4710a3fa653a00e93e594f3b64a771b7b38e32f788b9e4947ea11719b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6821
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Nov 2021 04:50:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuZCLXgCL7LE98PTT%2BJg%2B%2BTYcJDxGBF%2BYrXOI76qdxVzpdGENr%2Bg%2FHNsPHD7eDwj2VTV9lWqY7FK3lD5SOfuWgzp00GlyLRY6wFhmdIbeA%2F9TSf%2F8L%2Fml15jlWDoAa9qk1lb5790KwroXD1LlemoK8v%2B2VYn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8030efb36899362a-FRA
expires: Thu, 14 Sep 2023 18:15:18 GMT

GET
H2 200 winter-olympics-2022-live-stream.png
winterolympicspass.com/wp-content/uploads/2021/11/ 139 KB
140 KB 848ms
847ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winterolympicspass.com/wp-content/uploads/2021/11/winter-olympics-2022-live-stream.png

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e548f050d2884e29d1884c714f7893b27d96eb814be0245364cf9aa5b22a17aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 142492
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Nov 2021 07:25:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkRRhaRiO3WUiH5BDnLwPP5hPdGUNidV7yUIaPMkkDikDFjkk51rXgQBv0jHtlkLPRiYwiaKr%2FItpV89hyxYUg%2BJEM%2FkpxCCeb93LkRDktzpSXoL3Dn%2FM3dIGRAk40x9PmabqUVT4lNf05082qx7qrh3vw1B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8030efb34882362a-FRA
expires: Thu, 14 Sep 2023 18:15:18 GMT

GET
H2 200 how-to-watch-olympics-2022-without-cable.png
winterolympicspass.com/wp-content/uploads/2021/11/ 95 KB
96 KB 1000ms
1000ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winterolympicspass.com/wp-content/uploads/2021/11/how-to-watch-olympics-2022-without-cable.png

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f950e8a2d5253a968e996263f8565a82282ac5c5a9c6cc47549ec30810ad5728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 97581
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Nov 2021 07:40:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtpkvGIVe18sOh6g4TIWQfMB7yzPzXetTiSjkYXzDgGTv2RlGsf40PT0DAK%2Bz6TzKcbYDJqBp03nWT7zXxTFSNZhCi7a%2BrZIGcvmbvwSUuPYF1NfIOFtyajm4nA3PG9QT6l7vwu99UdKUkD63SAflV9tw8gF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8030efb3689a362a-FRA
expires: Thu, 14 Sep 2023 18:15:18 GMT

GET
H2 200 frontend.js Show response
winterolympicspass.com/wp-content/themes/neve/assets/js/build/modern/ 7 KB
3 KB 434ms
434ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winterolympicspass.com/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.6.7

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4542ff08e1ba2a0ed00a5cfad08d11576c7defed9058ea6edcbce62346ef2689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Aug 2023 15:19:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPQqg75QXIAfGKGTqcEz7z%2FcB4Vc8H%2BYIsgni7QgYVG5AiuYFY4Ztsrt%2B1roHwuD25LtJIjKUS7k%2FhzRDEvzMR%2FvxbexPSTQgRNH7pOhR26GNntywEaqPvcAme6kETE4x5qtN0UzwoCuk%2FiyWZfGLYpjq1t2"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8030efb3689c362a-FRA
expires: Thu, 14 Sep 2023 18:15:18 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309050101/ 379 KB
129 KB 369ms
92ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9977301801155839&plah=winterolympicspass.com&bust=31077667

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9977301801155839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13dc8074d30db1a46f4af6f5dd73b2833ef0b70b734de82d0e9e10695bb1ae61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131688
x-xss-protection: 0
server: cafe
etag: 18052167713580532931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 95AC 10 KB
5 KB 254ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9977301801155839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 22:38:13 GMT
etag: 8554266389219770021
expires: Wed, 20 Sep 2023 22:38:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 411 B
611 B 75ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=winterolympicspass.com&callback=_gfp_s_&client=ca-pub-9977301801155839

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9977301801155839&plah=winterolympicspass.com&bust=31077667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50bc4d03e30ad8b3657d86f0cd841968b7b6249311fb4a7b696af812b499570b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA4A 350 KB
81 KB 1507ms
1506ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&adk=3105533540&adf=2621220088&lmt=1694103318&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110518480&bpp=29&bdt=198&idt=467&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2894653406843&frm=20&pv=2&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=494

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6ad2841c8e57b5e54138fe7544803b0ff07ac8d05265b06cdb78afe1dd573a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 82218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:15:20 GMT
expires: Thu, 07 Sep 2023 18:15:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0386 105 KB
37 KB 1252ms
1251ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=1483442758&adf=2713021026&pi=t.aa~a.356315161~rp.1&w=1120&fwrn=4&fwrnh=100&lmt=1694103318&rafmt=1&to=qs&pwprc=7073931503&format=1120x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110518509&bpp=2&bdt=228&idt=470&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=476

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2848d20aa1fc5ce54ca74074cde354dfd280bed0f3f1534352972781d73dcde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37525
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:15:20 GMT
expires: Thu, 07 Sep 2023 18:15:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0386 4 KB
1 KB 77ms
29ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=1483442758&adf=2713021026&pi=t.aa~a.356315161~rp.1&w=1120&fwrn=4&fwrnh=100&lmt=1694103318&rafmt=1&to=qs&pwprc=7073931503&format=1120x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110518509&bpp=2&bdt=228&idt=470&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 16:15:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1200580154681138527/ Frame 0386 29 KB
29 KB 82ms
36ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1200580154681138527/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38e00bba472cc4ba9cbf98be960d28be361baf5981488523170d8b9983ebbfbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 02:48:42 GMT
x-content-type-options: nosniff
age: 228398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29481
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 14:33:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Sep 2024 02:48:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0386 2 KB
945 B 57ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 0386 23 KB
9 KB 52ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0386 3 KB
1 KB 66ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0386 20 KB
8 KB 49ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0386 181 KB
57 KB 219ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 0386 36 KB
15 KB 209ms
18ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14618321753151929797/ Frame 0386 672 B
1021 B 56ms
36ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14618321753151929797/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4030bd6b50358900a7903ecc5032f6ce265b0cd800a21aec26fd4901fa471fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 07:47:10 GMT
x-content-type-options: nosniff
age: 469690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 07:13:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 07:47:10 GMT

GET
DATA 200
OK truncated
/ Frame 0386 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b9966c95c0f5f392937b5e11f78c5b8cda438d62e7a4962734b77d820e115a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309050101/ 154 KB
52 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309050101/reactive_library_fy2021.js?bust=31077667

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53112937874106107438db689d80d54eca34712488fa9245298203ff15b2fd09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53662
x-xss-protection: 0
server: cafe
etag: 8780274118703342166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6541 108 KB
38 KB 1425ms
1425ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8691294cd28a96f9288d7a6a9d4d76899c52034f8a2eb97f274f1c5af9af7017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39353
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:15:22 GMT
expires: Thu, 07 Sep 2023 18:15:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C308 111 KB
38 KB 878ms
878ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=2933007315&pi=t.aa~a.3914302165~i.25~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2312&idt=1&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280%2C789x280&nras=4&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7932f4eac061a1b3348ed57ba63d3e2276d53829c8fe0d1f32b97c1ca2ba83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:15:21 GMT
expires: Thu, 07 Sep 2023 18:15:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0386 16 KB
16 KB 91ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 175746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0386 15 KB
15 KB 94ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 72424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0386
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_LbCNxP6ZJZWg7H7BtSCvXC2zYLdcendw9DQEbXOmrONDhABIMfDsyNglYKAgKwHoAHvieLdA8gBCakCPoI-J8vxsT6oAwHIA8sEqgTeAU_QXBoqKKsPcOgo_f8OGx2Etsv5XQHMEu1e5PL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221129638516109148147%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22...

0
0

109ms
56ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221129638516109148147%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225009931649914679825%22}&andc=true

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1129638516109148147","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"5009931649914679825"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 18:15:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 18:15:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1129638516109148147","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"5009931649914679825"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
track.seadform.net/adfserve/ Frame 0386 35 B
427 B 154ms
29ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.seadform.net/adfserve/?bn=66022514;1x1inv=1;srctype=3;ord=1023708869&cbvp=2

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2655 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame 88E7 10 KB
4 KB 25ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 19:03:35 GMT
etag: 8554266389219770021
expires: Wed, 20 Sep 2023 19:03:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame F9C2 10 KB
4 KB 23ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 19:03:35 GMT
etag: 8554266389219770021
expires: Wed, 20 Sep 2023 19:03:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 110ms
54ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 18:15:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 88E7 4 KB
744 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 18:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 88E7 205 B
520 B 23ms
20ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:44:17 GMT
x-content-type-options: nosniff
age: 264663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Sep 2024 16:44:17 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 88E7 604 B
695 B 23ms
21ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:04:39 GMT
x-content-type-options: nosniff
age: 76241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Sep 2024 21:04:39 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 88E7 15 KB
7 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:15:37 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 88E7 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:29 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame F9C2 9 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 14:39:46 GMT

GET
H3 200 f856f4b47c09da6d0b154076f7e12b61.js Show response
www.gstatic.com/mysidia/ Frame F9C2 11 KB
5 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f856f4b47c09da6d0b154076f7e12b61.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bf7cb52350f1db5e4337d7e318537af4b9cd61f31e06e3cc2a0912c6c41e0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4873
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 22:07:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 12:57:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F9C2 14 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 16:16:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F9C2 2 KB
892 B 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame F9C2 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F9C2 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F9C2 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9C2 181 KB
57 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame F9C2 36 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame C597 9 KB
4 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 14:39:46 GMT

GET
H3 200 437d2a336ada2335bfa746e2378bfa56.js Show response
www.gstatic.com/mysidia/ Frame C597 142 KB
52 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/437d2a336ada2335bfa746e2378bfa56.js?tag=video_mra/web_interstitial_raspberry_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95a6555232b9241a5c939e2eef52e7858dd3bfc1ae43e92ca6638e7d9537b4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 00:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53350
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 00:00:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C597 21 KB
1 KB 36ms
33ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 16:16:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14618321753151929797/ Frame C597 1 KB
1 KB 33ms
30ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14618321753151929797/14763004658117789537?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72b40c27c2b390d44e2e64bd6a69e4f059376d587696093a9d66f632d7973f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 03:25:27 GMT
x-content-type-options: nosniff
age: 485393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1152
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 07:13:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 03:25:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C597 2 KB
892 B 22ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame C597 23 KB
9 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C597 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C597 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C597 181 KB
57 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:20 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame C597 36 KB
15 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C344 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 17:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F9C2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d0df57f4fb6a338bcdf6e8e41a371274ee924c5f443656a6f6b7b2b1562bf28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F9C2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmu5SNxP6ZMiNBIzUsgfN85aAA7bNgt1x6d3D0NARtc6as40OEAEgx8OzI2CVgoCArAegAe-J4t0DyAEBqQKhWNdLPPWxPqgDAcgDywSqBN4BT9AnXhdLJJOoELwJPcAlD_C_NIEZOraeNwE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216521643781769281832%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%2...

0
0

66ms
66ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216521643781769281832%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221967585199116809345%22}&andc=true

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16521643781769281832","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1967585199116809345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 18:15:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16521643781769281832","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1967585199116809345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
track.seadform.net/adfserve/ Frame F9C2 35 B
426 B 29ms
29ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.seadform.net/adfserve/?bn=66022514;1x1inv=1;srctype=3;ord=2535750253&cbvp=2

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C344
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
31ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:15:21 GMT
expires: Thu, 07 Sep 2023 18:15:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:15:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6157 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 60DF 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 18:15:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C308 4 KB
671 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=2933007315&pi=t.aa~a.3914302165~i.25~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2312&idt=1&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280%2C789x280&nras=4&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 16:18:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 18:15:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame C308 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C308 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C308 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C308 0
0 28ms
27ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrSHJDrSEjvAFksCDxJUGN0MqhdoRwJ2S0leFt4axQ2GZHDq97swk3JdJvFhlBKS0NWSulanFNmLLNLOUBWHEKBS8uZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=2933007315&pi=t.aa~a.3914302165~i.25~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2312&idt=1&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280%2C789x280&nras=4&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=2215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C308 181 KB
56 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:21 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame C308 36 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 506D 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Fri, 08 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1639188522027050498/ Frame C308 19 KB
19 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1639188522027050498/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84610aa3213a3fdd567b86285eed6d507df393d7d2ab9f6d8030bdce70aac22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 09:01:22 GMT
x-content-type-options: nosniff
age: 465239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19822
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 09:47:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 09:01:22 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16567648288793932302/ Frame C308 922 B
949 B 31ms
30ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16567648288793932302/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccd85bcbc294d7233afc2edb68f7c05426dcd3a35691c23b4b799e32d6fd0b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 14:36:10 GMT
x-content-type-options: nosniff
age: 185951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 922
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 08:47:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Sep 2024 14:36:10 GMT

GET
DATA 200
OK truncated
/ Frame C308 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a6c5e9e92fe1c9380e92b98d1467163756a5fecd361e377d99c839ed5be56d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C308 16 KB
16 KB 26ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 175747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C308 15 KB
15 KB 26ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 72425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 506D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOAMqi2Inbv_Aad6UIfqWaE&google_cver=1&google_push=AXcoOmR5cGLIjGoNIGX-GMsdHZbeYEa1jxKxVAJmQGpqihJjtkQfXwTYcwR6iQiUF1AWRzTlum5W935E1WoRscyaWP_lVFJpeF5Fsg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyNzI2OTA4MTEzNDYzMTkyMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOAMqi2Inbv_Aad6UIfqWaE&google_cver=1

43 B
398 B

69ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOAMqi2Inbv_Aad6UIfqWaE&google_cver=1
Requested by: Host: winterolympicspass.com
URL: https://winterolympicspass.com/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOAMqi2Inbv_Aad6UIfqWaE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 506D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&google_cver=1&google_push=AXcoOmTdEkz0XChKlpglpS_97b0Wns2Qe_digWvzU6BIOHQ...

170 B
232 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&google_cver=1&google_push=AXcoOmTdEkz0XChKlpglpS_97b0Wns2Qe_digWvzU6BIOHQwotJSR0aWIqrrSeOKVtBT30t8U2Lh4DU4WN7mgElyxtOiANnts6sr

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 18:15:20 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEKXO3_xnWPNiApVu2UD1js4&google_cver=1&google_push=AXcoOmTdEkz0XChKlpglpS_97b0Wns2Qe_digWvzU6BIOHQwotJSR0aWIqrrSeOKVtBT30t8U2Lh4DU4WN7mgElyxtOiANnts6sr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 506D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEDZzslk-y8JieCBBw0CrFw&google_push=AXcoOmQIDOhBxNhUrnYV-ODWCPV83w7Q0-e9Q_GTbKkGZht5yaupdsBj4d...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEDZzslk-y8JieCBBw0CrFw&google_push=AXcoOmQIDOhBxNhUrnYV-ODWCPV83w7Q0-e9Q_GTbKkGZht5yaupdsBj4dOat4FSb9aJrHiNkspyoW5eBvhGsUhoruv3V-EdInMgsA

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230063-FRA
pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1694110522.642212,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEDZzslk-y8JieCBBw0CrFw&google_push=AXcoOmQIDOhBxNhUrnYV-ODWCPV83w7Q0-e9Q_GTbKkGZht5yaupdsBj4dOat4FSb9aJrHiNkspyoW5eBvhGsUhoruv3V-EdInMgsA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 506D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECGHM1ldNRM-lkuQmi1ghao&google_cver=1&google_push=AXcoOmR-AeLVUOCt62KTx08HEVz4Vv-XZCnHZKjZ82mc13kCwydSgkVQYgsznvTtsX9ooTlEU8g_7ASeJt3weRy8jva1fRuTsJu5gQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B99883A5E72495BB329742118FF9209&google_push=AXcoOmR-AeLVUOCt62KTx08HEVz4Vv-XZCnHZKjZ82mc13kCwydSgkVQYgsznvTtsX9ooTlEU8g_7ASeJt3weRy...

170 B
329 B

35ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B99883A5E72495BB329742118FF9209&google_push=AXcoOmR-AeLVUOCt62KTx08HEVz4Vv-XZCnHZKjZ82mc13kCwydSgkVQYgsznvTtsX9ooTlEU8g_7ASeJt3weRy8jva1fRuTsJu5gQ

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Sep 2023 18:15:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B99883A5E72495BB329742118FF9209&google_push=AXcoOmR-AeLVUOCt62KTx08HEVz4Vv-XZCnHZKjZ82mc13kCwydSgkVQYgsznvTtsX9ooTlEU8g_7ASeJt3weRy8jva1fRuTsJu5gQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 06 Sep 2023 18:15:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 506D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELU8hd6ecONfLh-SV-taxaU&google_cver=1&google_push=AXcoOmSsatrvWSifp4YaovZL6cl_R8hXsdqXZhbWZBj2J3owvXZpVVQQcXrYUax_KOgjTfJHdcJbWJFNIPafGXJsTluwAmS...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSsatrvWSifp4YaovZL6cl_R8hXsdqXZhbWZBj2J3owvXZpVVQQcXrYUax_KOgjTfJHdcJbWJFNIPafGXJsTluwAmSvJjcYqw&google_hm=eS03MnhGWkFWRTJwSHlU...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSsatrvWSifp4YaovZL6cl_R8hXsdqXZhbWZBj2J3owvXZpVVQQcXrYUax_KOgjTfJHdcJbWJFNIPafGXJsTluwAmSvJjcYqw&google_hm=eS03MnhGWkFWRTJwSHlUN1A2SEZvMjZvMVB6UWJlMWxOan5B

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Sep 2023 18:15:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSsatrvWSifp4YaovZL6cl_R8hXsdqXZhbWZBj2J3owvXZpVVQQcXrYUax_KOgjTfJHdcJbWJFNIPafGXJsTluwAmSvJjcYqw&google_hm=eS03MnhGWkFWRTJwSHlUN1A2SEZvMjZvMVB6UWJlMWxOan5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 506D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHcQxbwddB4FlnV6HbLWaic&google_cver=1&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3LQXKc2...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHcQxbwddB4FlnV6HbLWaic&google_cver=1&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3L...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3LQXK...

170 B
232 B

28ms
28ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3LQXKc22wnh73yruVyEHo5-wyPz

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmSHcGBrWQLLyp9X7BhplF3pGU2wqGkFvUJn3R6ETXf63Vq9xH0wjaC6EeXlZznAO5_3v3LQXKc22wnh73yruVyEHo5-wyPz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 506D 43 B
363 B 87ms
27ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmShNbkGd4UVQcAVTRWsGZXKwYZN20zJ5t4qjlkFVThufRmmPtbptMpHr8KYs2ARjD9DAnWFVDNzXRJ_xD6FwYCTvHDqLQK_&google_gid=CAESEKSd9xnIk9tOIlXdH1X3zRg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 203352
expires: Thu, 07 Sep 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 506D 0
130 B 87ms
27ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3ElRPa0UytdbjzEHSa0VgynTCQTlGOrLPZpeZuMN8Kcr80RS83tpXDf32KLEO3xCSIF8O

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C308
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0in-OBP6ZKaGJ9iP2fcP1fOJYIeejehy5O31j5gS5v-c5N0_EAEgx8OzI2CVgoCArAegAa3Ei8cpyAEJqQI-gj4ny_GxPqgDAcgDywSqBNsBT9A8pF5eINGiFr3NZCyA1MmzCKJIkPZHO1Z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228888488556936859459%22,%22debug_reporting%22:true,%22destination%22:%22https://dyn.sport%22,%22event_report_window%22:%222...

0
0

56ms
56ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228888488556936859459%22,%22debug_reporting%22:true,%22destination%22:%22https://dyn.sport%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211154940461%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223265911094631059185%22}&andc=true

Requested by

Host: winterolympicspass.com
URL: https://winterolympicspass.com/

Protocol

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8888488556936859459","debug_reporting":true,"destination":"https://dyn.sport","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11154940461"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"3265911094631059185"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 18:15:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8888488556936859459","debug_reporting":true,"destination":"https://dyn.sport","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11154940461"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"3265911094631059185"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame A346 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 18:15:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0386 42 B
174 B 127ms
127ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8Q00RWb9zFe9srTXJD0lr5Yev4yLtamsdGELgmxyhdLzaHpxlUFaHPaUndsmgYumgt70er66KjpOEyNmGytw8g4kdBBkSHV133IpaSg6GuEJ6vxjnRw6Jr49K9IZ5jZ0FP5msAJYS9FjE&sai=AMfl-YS-BBF_rBXdqgQdM_kvdGzUps-T5XVrZrxfh5LKADEMEjg4NCyHVLxR953D9UTxz6Er_jXbQ-VzZO3f&sig=Cg0ArKJSzOJzSozNxYTLEAE&cid=CAQSGwBpAlJW17Rz46VF2sCCzbujjZT2prZEpDUJeBgB&id=lidar2&mcvt=1029&p=0,0,280,1120&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1483442758&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694110518986&rpt=1672&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6541 4 KB
655 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 18:13:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 18:15:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6541 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 6541 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6541 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6541 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6541 0
0 28ms
27ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3R7Rg3hRyT4f945hlUlCdh5PchkYUEJJGqFr19ZR2l_KhxPRA3Gs5ii4dV5n7iabxGVbofaN4LRV9DNVTw9y8pWRM_w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6541 181 KB
56 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 18:15:22 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 6541 36 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 605B 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Fri, 08 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1056525848404490225/ Frame 6541 16 KB
16 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1056525848404490225/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6cf441ef2f87474a0d70759972f5d2440094233b944f3d2055f0c46e43650d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 07:17:47 GMT
x-content-type-options: nosniff
age: 471455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16293
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 14:28:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 07:17:47 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3297832587674907727/ Frame 6541 641 B
668 B 28ms
27ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3297832587674907727/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d05981a352efa421c60485209dc2474657af73521261f444f49b2a8ced6a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 07:45:03 GMT
x-content-type-options: nosniff
age: 469819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 641
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 04:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 07:45:03 GMT

GET
DATA 200
OK truncated
/ Frame 6541 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adc7fcd8aa812ba9cf1ec40ed9051b99fd83e16cb5fd1cd7615f84688b2aa3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F9C2 42 B
64 B 128ms
127ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLR17pvFzHezuEpZn0E_pPtJiefgKlm_JeNPkd0D-0PU79Rm8N3uMPzeh4nlS4G_MxcsKi5adkzC8fB4E1H2-olKEuQwA3WOmcSoj8NKW-eXTOJtqC6KDN0ouEoWmJvOV-5H1RuJLTSudK&sai=AMfl-YSMqp_EBsh4j4Vr0zUGRhnH_e2s0ZqZWrd8wYiY7SaRy1ZlgM5UjVzEjViynlW6PV3Vf59IUkYdn4Mc&sig=Cg0ArKJSzHz05WVVkzfhEAE&cid=CAQSGwBpAlJW2gt_QXn9zrz6H9pQrP9o_ZJighFYURgB&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=104,787,1003,1102,1102&tos=104,683,216,99,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3105533541&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694110520710&rpt=257&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 605B
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEinnFA8xd9y83OMYrl3Ayg&google_cver=1&google_push=AXcoOmS_vJvkPq6TmFkWA4GX93iuNQCtOajuV1Ttb0oQNzOlu7YEm3BE0iB9Yrsp6R9avaVte5rvnSBU8W6pGIA3hx-fbENN19fSK...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyNzI2OTA4MTEzNDYzMTkyMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEinnFA8xd9y83OMYrl3Ayg&google_cver=1

43 B
398 B

27ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEinnFA8xd9y83OMYrl3Ayg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEinnFA8xd9y83OMYrl3Ayg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 605B 0
104 B 204ms
68ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMWrFd1BXFr6Aq_u-8oi4JQ&google_cver=1&google_push=AXcoOmRAAlczMvIZrp19P_M1oi7pGLmtZkzGjH3x0bVE35cHeOthAWFtEAPyJ9eowwC73t98tjXwpPHyRwBjExOrbVZx4U7FV9sc7tgP2jVPArzqGnMD7GNR0ckMAIm5GLD0Ja0zsBYY6C_dyQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 605B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMJYOEIWOk35D0Ks6CzHzF0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEMJYOEIWOk35D0Ks6CzHzF0&google_cver=1&google_push=AXcoOmTyGSjiCvnmf5N9O6h-cSbpJPHY8IabWK4WZifpFEW...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEMJYOEIWOk35D0Ks6CzHzF0&google_cver=1&google_push=AXcoOmTyGSjiCvnmf5N9O6h-cSbpJPHY8IabWK4WZifpFEWAWzwTUH6hSfooxyxhV7Pi788E3lfuQy-9HkzBrM1nF284XFkbinLyTJ44AK8LS2Ms47EOyIuBaDQEO1f-DsMhqMkvuDxkQKumqbE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 18:15:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVByWkg2UTgxUUVqeGY1&google_gid=CAESEMJYOEIWOk35D0Ks6CzHzF0&google_cver=1&google_push=AXcoOmTyGSjiCvnmf5N9O6h-cSbpJPHY8IabWK4WZifpFEWAWzwTUH6hSfooxyxhV7Pi788E3lfuQy-9HkzBrM1nF284XFkbinLyTJ44AK8LS2Ms47EOyIuBaDQEO1f-DsMhqMkvuDxkQKumqbE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 605B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHJ4GYAd6NY70IWMQIWXKYE&google_cver=1&google_push=AXcoOmSvgoXROOF0d_9WLDdj-Mcw-FPRF7tQOU31Bso_wgKrR_qbsHziIbFGDNBbEe5JrrVPagV-2vFqLij...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSvgoXROOF0d_9WLDdj-Mcw-FPRF7tQOU31Bso_wgKrR_qbsHziIbFGDNBbEe5JrrVPagV-2vFqLijJBLavaUrr_HFvI_NQlxhwIjBNdll61wSz4OrrLXYHoWKI4tN...

170 B
188 B

28ms
28ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSvgoXROOF0d_9WLDdj-Mcw-FPRF7tQOU31Bso_wgKrR_qbsHziIbFGDNBbEe5JrrVPagV-2vFqLijJBLavaUrr_HFvI_NQlxhwIjBNdll61wSz4OrrLXYHoWKI4tNNtpgn-ExO5imRfiU&google_hm=Pp3rJ8o6Tz6P_rdd1APYGBM

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSvgoXROOF0d_9WLDdj-Mcw-FPRF7tQOU31Bso_wgKrR_qbsHziIbFGDNBbEe5JrrVPagV-2vFqLijJBLavaUrr_HFvI_NQlxhwIjBNdll61wSz4OrrLXYHoWKI4tNNtpgn-ExO5imRfiU&google_hm=Pp3rJ8o6Tz6P_rdd1APYGBM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 605B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPxe8b8J0LL4DD_ZuYUZQWQ&google_cver=1&google_push=AXcoOmSuEaNMmvGZHqQnzivFXajzr-CariWJVuki0GZSOcNVswi5yMY7B8o0GQnI6KcbNr1WQ-YugTXqO9suCkV8qPb-M_w...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuEaNMmvGZHqQnzivFXajzr-CariWJVuki0GZSOcNVswi5yMY7B8o0GQnI6KcbNr1WQ-YugTXqO9suCkV8qPb-M_wFWb3e_T0JOOR0-NcZcQUvxYBtYdMNHxaRWTCq5...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuEaNMmvGZHqQnzivFXajzr-CariWJVuki0GZSOcNVswi5yMY7B8o0GQnI6KcbNr1WQ-YugTXqO9suCkV8qPb-M_wFWb3e_T0JOOR0-NcZcQUvxYBtYdMNHxaRWTCq5W-ZyigD4BSEQbA&google_hm=eS03MnhGWkFWRTJwSHlUN1A2SEZvMjZvMVB6UWJlMWxOan5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Sep 2023 18:15:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuEaNMmvGZHqQnzivFXajzr-CariWJVuki0GZSOcNVswi5yMY7B8o0GQnI6KcbNr1WQ-YugTXqO9suCkV8qPb-M_wFWb3e_T0JOOR0-NcZcQUvxYBtYdMNHxaRWTCq5W-ZyigD4BSEQbA&google_hm=eS03MnhGWkFWRTJwSHlUN1A2SEZvMjZvMVB6UWJlMWxOan5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 605B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN_vXszdR_ww1w39wIbIFmA&google_cver=1&google_push=AXcoOmRD-rpGTYbfWP-POSCNkdYf3x7FUhWZiXO-pNpBQt4MgyhQYuHGzOtlfiGCV6TdMe6yFPDlt6zC...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmRD-rpGTYbfWP-POSCNkdYf3x7FUhWZiXO-pNpBQt4MgyhQYuHGzOtlfiGCV6TdMe6yFPDlt6...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmRD-rpGTYbfWP-POSCNkdYf3x7FUhWZiXO-pNpBQt4MgyhQYuHGzOtlfiGCV6TdMe6yFPDlt6zCd5omVc1tl-as-kSfjsQMEnIRr2EU72BRfyVg3ao5FDuSqUrYjCOEawxed8Ysq2dmPA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU1NjMyNjU1MjIyMzc0NjE1NA&google_push=AXcoOmRD-rpGTYbfWP-POSCNkdYf3x7FUhWZiXO-pNpBQt4MgyhQYuHGzOtlfiGCV6TdMe6yFPDlt6zCd5omVc1tl-as-kSfjsQMEnIRr2EU72BRfyVg3ao5FDuSqUrYjCOEawxed8Ysq2dmPA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 605B 43 B
297 B 207ms
35ms Image
image/gif 2a05:d01c:1d8:8102:46cb:fe9c:ee4b:82b9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELd3e74XujV03aNBSxUBZFQ&google_cver=1&google_push=AXcoOmRRzblFFbZsxQCIIKrj3Lrtw4vTcLm9j64Bs1h3sV-6rFOsU2wp7lgoATfJwsQjZUPYpud50LFBZOM_N_ThaM2oA3J3vggGfcUunH4QYu0LriLfhuH348aIpfu_kd8jtopPDiidlNTMVpE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:46cb:fe9c:ee4b:82b9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 07 Sep 2023 18:15:22 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 605B 0
12 B 27ms
26ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ik2kiXg07ygf5xNVICR-zBYkgfvVSUsF4qW8mu89XttRDEFUmn1KG2OOtOiAXZS6YnAY5Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6541 16 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 175748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 17:26:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6541 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 72426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6541
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9L6kOBP6ZN6VJ7yD2fcP87OUwAvsmczrcsPF8Ib5D-ucgLjLHhABIMfDsyNglYKAgKwHoAHBstPbA8gBCakCoVjXSzz1sT6oAwHIA8sEqgTeAU_Qgd-6rAdoZ-ZHW0Zeuts7TdCM72RxjPe...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229776653492309939245%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259...

0
0

57ms
57ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229776653492309939245%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997513537%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222622133107674522801%22}&andc=true

Protocol

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9776653492309939245","debug_reporting":true,"destination":"https://joyn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997513537"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"2622133107674522801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 18:15:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 18:15:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9776653492309939245","debug_reporting":true,"destination":"https://joyn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997513537"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"2622133107674522801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 72ms
71ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc19009fc6e0737104061672be4f2e68fd43abb8cfe250297aa262dfb76a8010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11709
x-xss-protection: 0

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 77D1 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9977301801155839&output=html&h=280&adk=3709933562&adf=1687536192&pi=t.aa~a.3914302165~i.17~rp.4&w=789&fwrn=4&fwrnh=100&lmt=1694103320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7073931503&ad_type=text_image&format=789x280&url=https%3A%2F%2Fwinterolympicspass.com%2F&ea=0&fwr=0&pra=3&rh=198&rw=789&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694110520594&bpp=1&bdt=2313&idt=-M&shv=r20230906&mjsv=m202309050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D15f977909fca8ff9-227bfdc268de00f7%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw&gpic=UID%3D00000d90c464f186%3AT%3D1694110519%3ART%3D1694110519%3AS%3DALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw&prev_fmts=0x0%2C1120x280&nras=3&correlator=2894653406843&frm=20&pv=1&ga_vid=217641885.1694110519&ga_sid=1694110519&ga_hid=108165204&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=1543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42532335%2C44795921%2C31077667&oid=2&psts=AOrYGsm5J7_7jyxrdZ4tJkAYyc-5xHv52vc0XBd_VaQUk4GBQuJJ-89w-rnQYeQ-jbF11yo6Xp68hM8ExRjHih2KGlH_&pvsid=2881686906235446&tmod=28449481&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 18:15:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 18:15:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27EA 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:14:14 GMT
expires: Fri, 06 Sep 2024 12:14:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 61E9 829 B
559 B 30ms
29ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e5d19334462c30e16c617686d65b16d96d5c20b1e384aa75da362cee296beef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aun183JvpEDAR7NuKQI9lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winterolympicspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-aun183JvpEDAR7NuKQI9lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:15:22 GMT
expires: Thu, 07 Sep 2023 18:15:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 27EA 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Sep 2024 18:15:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 61E9 0
0 121ms
121ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=2881686906235446&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 27EA 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C_brGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:15:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
125ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=2881686906235446&bg=!hIelh8jNAAa6D61Rmg87ADQBe5WfODZleOtFpTXBd737_v21ExRrfsHltwy2lDmGLpjsUC7PpVQemkI5TR3bw8GUfy8uAgAAAFBSAAAABWgBB5kCyEP2znHnBlnd7fBiqiA4Bi7YSovfH-t_3rqpoAOseWh2NlVhoqjKkKif_Z9NUUpxggQBdIweZNI7VTO1SsTMeZp8rJgBcEuK7uoXmvp2UjJ4hSUrbOSV6EfAUFg0Fe_QE39jx_xGO3bmRXznnnWfjEsIuPx9fdi_zj79loiPkbcP44Z2Q77rj01Uf5iqjRAFDvbZ5VSmcvlVyNJk98cZ1bjMw4VwYkz0Sj6dy_Ge2CYM_oGNUrcUFzgS61h6xjS6kepgKqncyXSpF79-Cmz-f3NFZ2wY3c4OIEIdMFmSn1VMRr0Q08giyxT8QdJ-P8VQStlE4c7CLRxxV9QBZVhpSccJ2BeloGQaHUSMlAApFEsDeJ8Pra98LjoFUqjQi4DGPzRa3daQSLbT0uM_xzm8lNcTH6n_6x8MfkefNOyAuE8VWJvUy2LrJUsThfqa_1DHQfyKNT95H0HOolGOZAEK51ot5VSfFPYSgLk5SqyodEpkR1SgsGCwGYyx4M8JHu-NJooAjlYMmcfZQ_KY-vEDilv2TgWQwym2tyl3rZ1o4Vh6pa_a3Bv7BlIAgWJBE4DyJrZCLaj7nGz44Jay5Mlyk8-aS9t4u-E1LTnUO2tYWlzX2x1TsW153gGVxj5JapVl7aAQm6pqV3vrI1PYEH28nyvVTI98VOGc1GktJUHJGCHvM4Elu01b5uv60FpDVPZ0xHUzL06icxLT8ZZL-y8YiUuLkuo4vgeP_qN6nhE8J-tkp9NuORt3o-N6Jw9Zfu5GjUuhuudSy7AQB7EQkuQ-TEQ0QTye6TfqUZvbVg7gDNR3YjJS7QhridIZSoidlQTiX_rtHXXykyggCDEa-C7_Kxk8uMAPO0Nf-1TJFkBLotRtrKRqdc7L_F0Q-URNsPwR6E4ap1QrxiCwC7WenmmuYVhlHZd9uH6s7JDS0uJIlzA0FMFL2VndePw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterolympicspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winterolympicspass.com/	1970-01-20 23:56:46	Name: __gads Value: ID=15f977909fca8ff9-227bfdc268de00f7:T=1694110519:RT=1694110519:S=ALNI_MaCTRj2jCQfXklxTJfnGFVSc8iiVw
.winterolympicspass.com/	1970-01-20 23:56:46	Name: __gpi Value: UID=00000d90c464f186:T=1694110519:RT=1694110519:S=ALNI_MblbVxPRXW5yyP18WQJzhWTo0p3fw
.googleadservices.com/	1970-01-20 16:44:46	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:35:14	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 23:22:12	Name: suid Value: 8B99883A5E72495BB329742118FF9209
.w55c.net/	1970-01-21 00:05:24	Name: wfivefivec Value: UPrZH6Q81QEjxf5
.adform.net/	1970-01-20 15:18:22	Name: C Value: 1
.turn.com/	1970-01-20 18:54:22	Name: uid Value: 8527269081134631920
.w55c.net/	1970-01-20 15:18:22	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 16:01:34	Name: uid Value: 7556326552223746154
.yahoo.com/	1970-01-20 23:21:08	Name: A3 Value: d=AQABBDkT-mQCEEbyviyeEDKiA7Tp_4N5O0IFEgEBAQFk-2QDZQAAAAAA_eMAAA&S=AQAAAugPFOWKa8xKTb1JZGDD-u4
.everesttech.net/	1970-01-20 23:20:46	Name: everest_g_v2 Value: g_surferid~ZPoTOQAOj5FU2gBY
.doubleclick.net/	1970-01-20 23:56:46	Name: IDE Value: AHWqTUmKZXXtyOtCyrrXP_gndMcnzYvKa0ChIBVdA34XaQOgvxv_cs7heACH1ZgIQsU
.ctnsnet.com/	1970-01-20 23:20:46	Name: gid_CAESEHJ4GYAd6NY70IWMQIWXKYE Value: 1
.ctnsnet.com/	1970-01-20 23:20:46	Name: cid_3e9deb27ca3a4f3e8ffeb75dd403d818 Value: 1
.innovid.com/	1970-01-20 16:44:46	Name: uuid Value: c100b498-567f-4581-be33-7bcce697ddc9-20230907 14:15:22

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
olympics2021info.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
sync-tm.everesttech.net
tpc.googlesyndication.com
track.seadform.net
um.simpli.fi
winterolympicspass.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
142.250.74.194
151.101.66.49
178.250.1.9
2001:678:cb4:bbbb::11
2606:4700:3036::6815:6f2
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a02:fa8:8806:12::1370
2a05:d018:d29:3601:4651:7745:94d9:24ca
2a05:d01c:1d8:8102:46cb:fe9c:ee4b:82b9
2a06:98c1:3120::3
34.91.62.186
35.186.193.173
37.157.3.20
37.157.5.133
52.28.44.182
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbaa4710a3fa653a00e93e594f3b64a771b7b38e32f788b9e4947ea11719b8c
13dc8074d30db1a46f4af6f5dd73b2833ef0b70b734de82d0e9e10695bb1ae61
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
1e5d19334462c30e16c617686d65b16d96d5c20b1e384aa75da362cee296beef
2bbbb775be1eb2ea5909c5640f8ee004e5ef9501db47acb5d0fd7fc8e1c48cea
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38e00bba472cc4ba9cbf98be960d28be361baf5981488523170d8b9983ebbfbc
3a6c5e9e92fe1c9380e92b98d1467163756a5fecd361e377d99c839ed5be56d2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bf7cb52350f1db5e4337d7e318537af4b9cd61f31e06e3cc2a0912c6c41e0bf
4542ff08e1ba2a0ed00a5cfad08d11576c7defed9058ea6edcbce62346ef2689
45d3eee1f47887986736f9ad06df250a600fd2e0f93744b4cf17335dd6d87ded
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50bc4d03e30ad8b3657d86f0cd841968b7b6249311fb4a7b696af812b499570b
53112937874106107438db689d80d54eca34712488fa9245298203ff15b2fd09
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0df57f4fb6a338bcdf6e8e41a371274ee924c5f443656a6f6b7b2b1562bf28
60d05981a352efa421c60485209dc2474657af73521261f444f49b2a8ced6a3b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
72b40c27c2b390d44e2e64bd6a69e4f059376d587696093a9d66f632d7973f4b
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84610aa3213a3fdd567b86285eed6d507df393d7d2ab9f6d8030bdce70aac22b
8691294cd28a96f9288d7a6a9d4d76899c52034f8a2eb97f274f1c5af9af7017
8b9966c95c0f5f392937b5e11f78c5b8cda438d62e7a4962734b77d820e115a7
8e7932f4eac061a1b3348ed57ba63d3e2276d53829c8fe0d1f32b97c1ca2ba83
95a6555232b9241a5c939e2eef52e7858dd3bfc1ae43e92ca6638e7d9537b4c9
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
adc7fcd8aa812ba9cf1ec40ed9051b99fd83e16cb5fd1cd7615f84688b2aa3d3
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b105a2caeda0c0b2f6b9954381cca0a19f1428fe84f495fc7ebdf595f7004bfe
b6cf441ef2f87474a0d70759972f5d2440094233b944f3d2055f0c46e43650d7
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
ccd85bcbc294d7233afc2edb68f7c05426dcd3a35691c23b4b799e32d6fd0b5f
d2848d20aa1fc5ce54ca74074cde354dfd280bed0f3f1534352972781d73dcde
d6ad2841c8e57b5e54138fe7544803b0ff07ac8d05265b06cdb78afe1dd573a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548f050d2884e29d1884c714f7893b27d96eb814be0245364cf9aa5b22a17aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4030bd6b50358900a7903ecc5032f6ce265b0cd800a21aec26fd4901fa471fa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f950e8a2d5253a968e996263f8565a82282ac5c5a9c6cc47549ec30810ad5728
fc19009fc6e0737104061672be4f2e68fd43abb8cfe250297aa262dfb76a8010

winterolympicspass.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

88 %HTTPS

61 %IPv6

20 Domains

25 Subdomains

17 IPs

8 Countries

1544 kBTransfer

3863 kBSize

16 Cookies

7 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winterolympicspass.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

88 %
HTTPS

61 %
IPv6

20
Domains

25
Subdomains

17
IPs

8
Countries

1544 kB
Transfer

3863 kB
Size

16
Cookies

121 HTTP transactions
4 data transactions