www.plainstrack.com Open in urlscan Pro
216.80.18.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.plainstrack.com/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2021, 6:42:17 pm UTC) — Scanned from DE

Summary HTTP 89 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 89 HTTP transactions. The main IP is 216.80.18.57, located in Lake Zurich, United States and belongs to RCN-AS, US. The main domain is www.plainstrack.com.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.

This is the only time www.plainstrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	216.80.18.57 216.80.18.57	6079 (RCN-AS) (RCN-AS)
1	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
16	52.217.137.97 52.217.137.97	16509 (AMAZON-02) (AMAZON-02)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.233.50 192.229.233.50	15133 (EDGECAST) (EDGECAST)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	64.233.166.157 64.233.166.157	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
22	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
2	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
7	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
89	18

13 216.80.18.57 (Lake Zurich, United States)

ASN6079 (RCN-AS, US)
PTR: mateseconsulting.com

www.plainstrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.steepleweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.217.137.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

sw1.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.50 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.166.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Gelsenkirchen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	320 KB
16	amazonaws.com sw1.s3.amazonaws.com	583 KB
10	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	77 KB
10	steepleweb.com www.steepleweb.com	71 KB
7	ampproject.org cdn.ampproject.org	126 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	plainstrack.com www.plainstrack.com	41 KB
2	gstatic.com fonts.gstatic.com	40 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	exactag.com m.exactag.com	1 KB
1	googletagservices.com www.googletagservices.com	38 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	twimg.com pbs.twimg.com	7 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
0	yahooapis.com Failed query.yahooapis.com Failed
89	16

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org pagead2.googlesyndication.com
16	sw1.s3.amazonaws.com	www.plainstrack.com
10	www.steepleweb.com	www.plainstrack.com www.steepleweb.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	www.plainstrack.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.plainstrack.com	www.plainstrack.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.plainstrack.com
1	m.exactag.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pbs.twimg.com	www.plainstrack.com
1	maxcdn.bootstrapcdn.com	www.plainstrack.com
1	ajax.googleapis.com	www.plainstrack.com
0	query.yahooapis.com Failed	ajax.googleapis.com
89	20

This site contains links to these domains. Also see Links.

Domain
docs.google.com
twitter.com
t.co
www.steepleweb.com

Subject Issuer	Validity	Valid
plainstrack.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
steepleweb.com R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.plainstrack.com/
Frame ID: ADFCA061C493CFF2946B2705BE59E2A2
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 559BB011701BA275C130FC0B7B9C43A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=250&slotname=4544737989&adk=2570267000&adf=3683768922&pi=t.ma~as.4544737989&w=250&lmt=1634236931&psa=0&format=250x250&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931787&bpp=17&bdt=771&idt=81&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=727239234585&frm=20&pv=2&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=971&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=bNOAHHnz3e&p=https%3A//www.plainstrack.com&dtd=98
Frame ID: E883B674CF7AC02551BF6F98FD46A20C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=90&slotname=1791799816&adk=3091447901&adf=2150344420&pi=t.ma~as.1791799816&w=728&lmt=1634236931&psa=0&format=728x90&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931804&bpp=1&bdt=787&idt=101&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=456&ady=2282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=3UeKmqTlGs&p=https%3A//www.plainstrack.com&dtd=103
Frame ID: 557B3F547D8C177BF22D2F847A86937D
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&adk=522671305&adf=1178619241&lmt=1634236931&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.plainstrack.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931839&bpp=1&bdt=822&idt=72&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250%2C728x90&nras=1&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=79
Frame ID: 769A773FF1A6798AAC6BF6AFDE90E385
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html
Frame ID: 7FC3F98F46C71177FAD52F097D0B1A54
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A3C9A1AA56DEEFB86F320A74F0DF93C1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 01E072A1EB7A85A21889204D73B387C0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6EDF8FD5FF35FF0598537E193F85339B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Plains Track & Field and Cross Country -

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

98 %
HTTPS

0 %
IPv6

16
Domains

20
Subdomains

18
IPs

3
Countries

1348 kB
Transfer

2459 kB
Size

14
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/spreadsheets/d/1ezBBVqmsPAjM-W4Uf0_davYnxUqeobAA35BK2WpoL_Q/edit?usp=sharing
Title: Track and Field Season Best Performances

Search URL Search Domain Scan URL

URL: https://docs.google.com/document/d/1uupP7uUCuWmRaK-dNTTHAoAkhqoTQR5YWORhnSmRhFA/edit?usp=sharing
Title: Sprinter Workout Results/Rankings

Search URL Search Domain Scan URL

URL: https://docs.google.com/spreadsheets/d/1cd3vRx5wHiM4Aipe4LodEiTdrAuLgxSGzbwbKMnrF8Q/edit?usp=sharing
Title: Cross Country History

Search URL Search Domain Scan URL

URL: https://docs.google.com/spreadsheets/d/1mvQd6xR5Y3pbnAkJSrX0kzzV9JymzUy1roKzUKEyshg/edit?usp=sharing
Title: IHSA State Qualifying Marks

Search URL Search Domain Scan URL

URL: https://docs.google.com/spreadsheets/d/1XmF6fub-wpdY6b3hIDQuWpCmLuLgY-MgBLK4XrllgO4/edit?usp=sharing
Title: Letter Qualifications

Search URL Search Domain Scan URL

URL: http://docs.google.com/spreadsheets/d/1F9F4eWOThwkmGbemTYI4VXC9LxIV6T74MS9OnzeNspQ/edit?usp=sharing
Title: Track and Field State Qualifiers

Search URL Search Domain Scan URL

URL: https://docs.google.com/spreadsheets/d/1Dlr2WIIXVhpVkHafFbQpx39Cf7Tf1KzwB4IzEVKx_VQ/edit?usp=sharing
Title: Frosh/Soph Track Records

Search URL Search Domain Scan URL

URL: https://twitter.com/davidmaris958
Title: @davidmaris958

Search URL Search Domain Scan URL

URL: https://twitter.com/TT_EightTwo
Title: @TT_EightTwo

Search URL Search Domain Scan URL

URL: https://t.co/U4G2DMn71B
Title: https://t.co/U4G2DMn71B

Search URL Search Domain Scan URL

URL: https://twitter.com/EPG_XC_TF
Title: @EPG_XC_TF

Search URL Search Domain Scan URL

URL: https://twitter.com/Coach_Rathke
Title: @Coach_Rathke

Search URL Search Domain Scan URL

URL: https://twitter.com/TFConsortium
Title: @TFConsortium

Search URL Search Domain Scan URL

URL: https://t.co/8f0DurSVlb
Title: https://t.co/8f0DurSVlb

Search URL Search Domain Scan URL

URL: https://t.co/53MW0tE5lZ
Title: https://t.co/53MW0tE5lZ

Search URL Search Domain Scan URL

URL: https://t.co/PxPT1ptMF3
Title: https://t.co/PxPT1ptMF3

Search URL Search Domain Scan URL

URL: https://twitter.com/ShelbyvilleILTF
Title: @ShelbyvilleILTF

Search URL Search Domain Scan URL

URL: http://twitter.com/Plainstrackxc
Title: follow me on Twitter

Search URL Search Domain Scan URL

URL: https://www.steepleweb.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.plainstrack.com/ 30 KB
30 KB 1279ms
743ms Document
text/html 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 8cecfd71f1c0b627771890b2c221dd97fe3e95cb569cc0e8c50fa30d49125da3

Request headers

Host: www.plainstrack.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 14 Oct 2021 18:42:10 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: sw16=4a758uq39nsseu0uh1eemk6ob3; path=/
Content-Length: 30823
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK champaign.css
www.steepleweb.com/global/css/ 29 KB
29 KB 439ms
146ms Stylesheet
text/css 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.steepleweb.com/global/css/champaign.css
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 7203e23eab5ec5055c32c2067f09d71ae173bfea3c1ba300d1fbaeecbafd22d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Mon, 04 May 2020 17:54:48 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "8119eb5f-7316-5a4d63a1a064b"
Content-Type: text/css
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29462
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK local.css
www.plainstrack.com/includes/ 7 KB
8 KB 151ms
151ms Stylesheet
text/css 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plainstrack.com/includes/local.css
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: c8995823960fff997e42ee851286efbcce990f13c48a63c42a04319781cc1702

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.plainstrack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.plainstrack.com/
Cookie: sw16=4a758uq39nsseu0uh1eemk6ob3
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Thu, 15 Jun 2017 18:13:15 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "53bcd8e-1cda-552039f5c4129"
Content-Type: text/css
Cache-Control: max-age=259200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7386
Expires: Sun, 17 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK slides.css
www.steepleweb.com/global/js/ 1 KB
2 KB 444ms
151ms Stylesheet
text/css 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.steepleweb.com/global/js/slides.css
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: d466bc93838c53b47075ba75490fb453aff039193851455b38739f8ce74e8d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:36 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "40c90cba-480-539d894d4c826"
Content-Type: text/css
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1152
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 85ms
30ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.plainstrack.com
URL: https://www.plainstrack.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 12:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 14 Oct 2022 12:22:39 GMT

GET
H/1.1 200
OK slides.min.jquery.js Show response
www.steepleweb.com/global/js/ 7 KB
7 KB 441ms
149ms Script
application/javascript 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.steepleweb.com/global/js/slides.min.jquery.js
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 56aa55fef8efc2df0844e91d58884f9722533ce8fcd1ed8fe82fc0591387156c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:36 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "40c90cbb-1a80-539d894d5c9f2"
Content-Type: application/javascript
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6784
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK 16175444.jpg
sw1.s3.amazonaws.com/21/ 19 KB
19 KB 457ms
144ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/16175444.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a5cd96538e5cba2ea3b69e7f1371916798ee9ef6587c866199e2dc4466f15287

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:12 GMT
Last-Modified: Sun, 20 Apr 2014 22:54:45 GMT
Server: AmazonS3
x-amz-request-id: Z0GRJB8WNGCANT12
ETag: "f11db082129ef8c6e75f8d54a4bb737f"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 19269
x-amz-id-2: MXPq5M4qN/vUsynDSckZEVVPPWpG1P/svT5jObLDFtm3pq3g7Uh8NSCrrxPe/DiQIP29OuN52hs=

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
7 KB 48ms
17ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.plainstrack.com
URL: https://www.plainstrack.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 15109473
cdn-cachedat: 2021-03-10 20:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d51e4acffbb0c715197a27b396f5e31f
cf-ray: 69e2f235fa8921b1-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK jquery.megamenu.js Show response
www.steepleweb.com/global/megamenu/ 4 KB
4 KB 146ms
146ms Script
application/javascript 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.steepleweb.com/global/megamenu/jquery.megamenu.js
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 13672e25a646936d48cfed1b766d59b25da2391531b507668f73ce4cc5f9d10d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:43 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "40c90cc7-f01-539d8954aae44"
Content-Type: application/javascript
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3841
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK 2021_collage20210514_222033.jpg
sw1.s3.amazonaws.com/21/banners/ 61 KB
61 KB 470ms
156ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/2021_collage20210514_222033.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 31fb0a5a9c3ffc2ff538546dc5db11a263875cc49eff6ac44685c6882f508d59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:12 GMT
Last-Modified: Sat, 15 May 2021 03:20:35 GMT
Server: AmazonS3
x-amz-request-id: Z0GYPY9XN4BBE0T0
ETag: "31f1678c499742f302b2930e752ee7b2"
Content-Language: en-us
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 62345
x-amz-id-2: +EiU3loMvRQFrZvZ9M0qoYiUux8ASeJiUVEHRIpsMRmUtYa+NlA+yVP7rXU8iM8iSRCGwbudTmg=

GET
H/1.1 200
OK 2021_4x420210514_223508.jpg
sw1.s3.amazonaws.com/21/banners/ 49 KB
49 KB 563ms
133ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/2021_4x420210514_223508.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c8c64788c7eee7da2b2295bc5df02555595287e3ac51fd4f235a589d8f54bda0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Sat, 15 May 2021 03:35:09 GMT
Server: AmazonS3
x-amz-request-id: CN98JMPS99ENN12X
ETag: "b4238da8d3c5ae4cc1052b62e59b330f"
Content-Language: en-us
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 50072
x-amz-id-2: KtiofglxepKqBiXGYm1KNUkUcVDGmCAUMCbCx+El76KLICdJk15CcO/X6njvi/0z1HPIse6aVbE=

GET
H/1.1 200
OK 2021_4x400_220210514_223804.jpg
sw1.s3.amazonaws.com/21/banners/ 59 KB
60 KB 571ms
137ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/2021_4x400_220210514_223804.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ebe004f9cd9ad010a7e897afc96e74c46058d0ae8c6cca08bcbd726b8a858589

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Sat, 15 May 2021 03:38:05 GMT
Server: AmazonS3
x-amz-request-id: CN96SKZ80YQPYKVA
ETag: "99a8d32a09752ad88dc2e9bec980aeaf"
Content-Language: en-us
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 60572
x-amz-id-2: lt8UVIHcrxs9qybR9fHAyE/vZ/27TL3agmy37e5V629YQY6aY3yLbaepdsZTRjeXk94Z2rcCb0A=

GET
H/1.1 200
OK cain_110_state20210629_200201.jpg
sw1.s3.amazonaws.com/21/banners/ 66 KB
66 KB 584ms
122ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/cain_110_state20210629_200201.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a0216787780ae93b95dc13e8a2ae3a2b14b084bdc0b5cd0ae7bc4ca9999f706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Wed, 30 Jun 2021 01:02:03 GMT
Server: AmazonS3
x-amz-request-id: CN92RY3W3VNJBFSA
ETag: "83785f5a9de51d333ebbed9ba5ddebdf"
Content-Language: en-us
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 67072
x-amz-id-2: VEsTcdS08iwQ1BEXXwtdAYnrb9ajJXb+Ffaoolpsj0GnCvwjmDn4RBmZfQvn2yT/Zyj6pjySMV0=

GET
H/1.1 200
OK 4x1_state20210629_200434.jpg
sw1.s3.amazonaws.com/21/banners/ 63 KB
63 KB 615ms
132ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/4x1_state20210629_200434.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52a9b85f6e5fdfa0f28766736d6997673b87e0366611208375bc7e16ad655cdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Wed, 30 Jun 2021 01:04:36 GMT
Server: AmazonS3
x-amz-request-id: CN9FJ4TTSCB9660C
ETag: "73042266dedc49bedad9f4a0c4340189"
Content-Language: en-us
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 64481
x-amz-id-2: xei6+YEsq5UyphGEJ0dHxFrfEDEBeuLERbLrRCMaNoyD0qMmrckeah2b0HW7xUGkctv7UKl9OVU=

GET
H/1.1 200
OK 2017_-_4x4_podium20180128_193327.jpg
sw1.s3.amazonaws.com/21/banners/ 60 KB
60 KB 121ms
121ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/2017_-_4x4_podium20180128_193327.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 24525c270c42cc76af8a707dd251883090494d97c3861a6a6b3e0f3cf973779b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Mon, 29 Jan 2018 01:33:28 GMT
Server: AmazonS3
x-amz-request-id: CN98G267V4J46GJ0
ETag: "416dbf2a54060a3013e496fe658ab723"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 61221
x-amz-id-2: qlMDJJxrJQ/9LeFcFW0kt9VAkHv8jxSObS55gY0dnAJBRokF2Bp/wAGdQjJIxPlBdkO2+cuu2D8=

GET
H/1.1 200
OK 2017_-_4x8_podium20180128_193356.jpg
sw1.s3.amazonaws.com/21/banners/ 56 KB
57 KB 123ms
123ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/2017_-_4x8_podium20180128_193356.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 208b880c147e39862402b1156cb6ea95dcd5df57eda4ed9ebcc09f03f9b2409d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Mon, 29 Jan 2018 01:33:57 GMT
Server: AmazonS3
x-amz-request-id: CN944T84R14T3X7E
ETag: "9f5c7cf9352b70c1cdf7db1b30b5700e"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 57538
x-amz-id-2: m49IZZ2yQ9I2DGzJFQvRu1QelW63mKlbL1X57VT1lmwHn+xBr4mjr34FGnC5gBNVyU+uwz8G1+w=

GET
H/1.1 200
OK 2017_-_hj20180128_193452.jpg
sw1.s3.amazonaws.com/21/banners/ 28 KB
29 KB 133ms
132ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/2017_-_hj20180128_193452.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: be1f412b05f5746d45bcf76bcbcb8dda7c4494a8b7aa4756753151c15526fd0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Mon, 29 Jan 2018 01:34:53 GMT
Server: AmazonS3
x-amz-request-id: CN93NVF304BYAYKK
ETag: "b8fa9b95cfa408e7d71f0025bff0c753"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 28914
x-amz-id-2: 3BzUENbIj89qP6DGH9juKuvofiFsxwov2FiVQM0DEi+YaTwUQH9qMQKMGa9kvKiI3H5jGUwGQPI=

GET
H/1.1 200
OK 2017_-_hj_podium20180128_193428.jpg
sw1.s3.amazonaws.com/21/banners/ 46 KB
47 KB 159ms
159ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/banners/2017_-_hj_podium20180128_193428.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 99a36c2374e0bab216ef70792f68a72b9870011dd7abfce2397b6385f1e72fcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Mon, 29 Jan 2018 01:34:29 GMT
Server: AmazonS3
x-amz-request-id: CN97X60GHVSTZ77W
ETag: "4e407e547122a59785bcebaf9997034a"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 47318
x-amz-id-2: cFmbjPrGbrE5xqO9W87ksVIk/Fb8wcZxJtfGTjBvThJEROrkIyAWyMsfC615oeVi6lh9Ewnhhv0=

GET
H/1.1 200
OK jerseyville_winter_thaw_results141436_tn.jpg
sw1.s3.amazonaws.com/21/news/59/ 10 KB
10 KB 372ms
129ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/news/59/jerseyville_winter_thaw_results141436_tn.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d3277ab458813a926a89b77ffc70939e17d33cf2e77c4f24a9e9e43aa570ca0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:12 GMT
Last-Modified: Sun, 10 Mar 2019 19:14:37 GMT
Server: AmazonS3
x-amz-request-id: Z0GREP6GFRYCNMAC
ETag: "d5015ac20851dbf7063c3202142fa209"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 9995
x-amz-id-2: Yn6YaT99jmKBuA2sj3XS1Ybjfpmn/OHr3Y9I84duvRNYl1bIGBwgh5w4eQtGbXsZcGzIrW7PJrM=

GET
H/1.1 200
OK ic_results115358_tn.jpg
sw1.s3.amazonaws.com/21/news/59/ 11 KB
12 KB 368ms
125ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/news/59/ic_results115358_tn.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 85b492f0d75f657ec548f87f3707eb4b705eac6229a6a0399da5a6c33bedfa3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:12 GMT
Last-Modified: Mon, 04 Mar 2019 17:53:59 GMT
Server: AmazonS3
x-amz-request-id: Z0GW6X00J7M4S2R8
ETag: "4210bfda7bf063dccbbe67270edcfbf3"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 11438
x-amz-id-2: d3+9i78YWxcrBdplGWFu2JXhPnzfl71aVqmR+azB4Yy5d9+o3RNnIv7lA4v2Je8oAoX4kftSxo8=

GET
H/1.1 200
OK regional_results073951_tn.jpg
sw1.s3.amazonaws.com/21/news/59/ 9 KB
9 KB 400ms
155ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/news/59/regional_results073951_tn.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9008e76905a644534928cc66c45838c46d477ff7da76c168cd04d74a6e8aa10f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:12 GMT
Last-Modified: Mon, 22 Oct 2018 12:39:52 GMT
Server: AmazonS3
x-amz-request-id: Z0GW95ZEJF9R058X
ETag: "ab373b913d2919e3ccb55f616ce42c15"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 9244
x-amz-id-2: Ae6LCiC/GSErI54Q/f98wAyizlosRNLzojOkjvWgT7jYKOSL6zta4hjiohOdKeRLU8h4u5KQvSc=

GET
H/1.1 200
OK shs_invite_results123917_tn.jpg
sw1.s3.amazonaws.com/21/news/59/ 7 KB
7 KB 421ms
179ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/news/59/shs_invite_results123917_tn.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 301eae52945aa6840eca5706118876d3c152999a40f85def7fc184163fcdf4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:12 GMT
Last-Modified: Mon, 24 Sep 2018 17:39:18 GMT
Server: AmazonS3
x-amz-request-id: Z0GJBXFJVXD2EERC
ETag: "508cb0f3bde9c23073ce40660e9250c3"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 6754
x-amz-id-2: xn9YDsx5wyiKmnAMhThBK8Lg/+ptC+pbevuApa76SkX8HNoDFrMu2YZqrZizjMcwXj1KB8MehYo=

GET
H/1.1 200
OK qnd_invite_results105141_tn.jpg
sw1.s3.amazonaws.com/21/news/59/ 13 KB
14 KB 128ms
127ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/news/59/qnd_invite_results105141_tn.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e36dc888a9ba5d54dc4ba3a64ea21f889ca2d11dd327998161f8fb1ff1c83bf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Wed, 12 Sep 2018 15:51:42 GMT
Server: AmazonS3
x-amz-request-id: CN9F680660XFNQJ6
ETag: "e3115a02ad33c33181f5df9982666edd"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 13575
x-amz-id-2: HExzt34RsUMyrC7v0Mx1aPT8mWsieTaqO2a4B0z/XLjBwkm005LlOdX+mseS1UiAq0rX0iCMXzo=

GET
H/1.1 200
OK first_to_the_finish_results090602_tn.jpg
sw1.s3.amazonaws.com/21/news/59/ 19 KB
20 KB 123ms
123ms Image
image/jpg 52.217.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw1.s3.amazonaws.com/21/news/59/first_to_the_finish_results090602_tn.jpg
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.137.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ed746c104ee8f15a51164d92a0658a26842dcb550577f876f4f6d0c8cfc0141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:13 GMT
Last-Modified: Sun, 09 Sep 2018 14:06:03 GMT
Server: AmazonS3
x-amz-request-id: CN957QNGZMMCE1H8
ETag: "f4bacd12a5dbbd56ecba6a611221509b"
Content-Language: en-US
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpg
Content-Length: 19860
x-amz-id-2: tV02rsm5ifq1q3yhGkNcDippxvFHEX9iPji8NUql2eXAHDH7oko7RayAutwgIVAFXOJm/JkgJLM=

GET
H/1.1 200
OK jquery.simpleWeather.min.js Show response
www.steepleweb.com/global/js/ 3 KB
4 KB 146ms
145ms Script
application/javascript 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.steepleweb.com/global/js/jquery.simpleWeather.min.js
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: c2da4720398d9dfc58821573db8754ac6d3d1d3ea612689cc94f1fba3ec8da15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:35 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "40c90caf-de2-539d894c74f19"
Content-Type: application/javascript
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3554
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H2 200 _B7CEsF7_normal.png
pbs.twimg.com/profile_images/1102621397434753024/ 7 KB
7 KB 172ms
150ms Image
image/png 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1102621397434753024/_B7CEsF7_normal.png

Requested by

Host: www.plainstrack.com
URL: https://www.plainstrack.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

d7bcbde97a81c4dc34ea729e2cd3515a2bdbb6773015165437c3b286bb7acdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:42:11 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 6671
surrogate-key: profile_images profile_images/bucket/4 profile_images/1102621397434753024
last-modified: Mon, 04 Mar 2019 17:24:41 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f69a45af3bc50f5e599df33d301486157f3c66ee2ba52e12c45d16aaf624a000
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 86ms
48ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.plainstrack.com
URL: https://www.plainstrack.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

74a5c7a89bb616c7f306d54ff3074e93e66fe93e87f15b5451611dc9c5e879d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51484
x-xss-protection: 0
server: cafe
etag: 11515253224274218314
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK steepleweb-400.png
www.steepleweb.com/images/ 12 KB
12 KB 146ms
146ms Image
image/png 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.steepleweb.com/images/steepleweb-400.png
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 10a81afde9ee4d305d9ee31b5f3eb6db4f9b2656131aac38385a25a35dc08cfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:08 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "c8db6391-304d-539d8932cbeda"
Content-Type: image/png
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12365
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK bg_1.png
www.steepleweb.com/global/images/champaign/ 1 KB
1 KB 146ms
145ms Image
image/png 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.steepleweb.com/global/images/champaign/bg_1.png
Requested by: Host: www.steepleweb.com
URL: https://www.steepleweb.com/global/css/champaign.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: e21f69b1295c807f95802cf7e1e934b53ea81ee4ae4b3df659537598b9f5d913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.steepleweb.com/global/css/champaign.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:21 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "5fdb65e-46d-539d893f75b6a"
Content-Type: image/png
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1133
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK champaign_sprites.png
www.steepleweb.com/global/images/champaign/ 4 KB
4 KB 242ms
145ms Image
image/png 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.steepleweb.com/global/images/champaign/champaign_sprites.png
Requested by: Host: www.steepleweb.com
URL: https://www.steepleweb.com/global/css/champaign.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 3dc20cd869d794d7498aba02a09136279e5f604923c21ed1893242038ff3ffa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.steepleweb.com/global/css/champaign.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:22 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "5fdb664-e1b-539d893fd75d7"
Content-Type: image/png
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3611
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK bg_side3.png
www.steepleweb.com/global/images/champaign/ 5 KB
6 KB 227ms
150ms Image
image/png 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.steepleweb.com/global/images/champaign/bg_side3.png
Requested by: Host: www.steepleweb.com
URL: https://www.steepleweb.com/global/css/champaign.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 6f24b36a8440b32139ca01fece5ac624c01735210c09f30cb3b4d1bd08643299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.steepleweb.com/global/css/champaign.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:21 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "5fdb661-1509-539d893fa8bc8"
Content-Type: image/png
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5385
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK bubble.png
www.plainstrack.com/images/ 3 KB
3 KB 152ms
152ms Image
image/png 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.plainstrack.com/images/bubble.png
Requested by: Host: www.plainstrack.com
URL: https://www.plainstrack.com/includes/local.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 0eba3b642169065b461d6ec59c2bb8b3961e919369d73162313e0990225341f5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.plainstrack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.plainstrack.com/includes/local.css
Cookie: sw16=4a758uq39nsseu0uh1eemk6ob3
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/includes/local.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Thu, 15 Jun 2017 18:13:15 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "ca1caf82-bae-552039f5bc42a"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2990
Expires: Thu, 21 Oct 2021 18:42:11 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/ 273 KB
98 KB 39ms
39ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4357940515248644&plah=www.plainstrack.com&bust=31063156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

ab6f6533a8d460f0e10106f1aaf11838392a8ec02413920511385267a3f24ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99877
x-xss-protection: 0
server: cafe
etag: 7144739799770909485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 18:42:11 GMT

GET
H/1.1 200
OK bottom_side.png
www.steepleweb.com/global/images/champaign/ 2 KB
2 KB 176ms
146ms Image
image/png 216.80.18.57
RCN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.steepleweb.com/global/images/champaign/bottom_side.png
Requested by: Host: www.steepleweb.com
URL: https://www.steepleweb.com/global/css/champaign.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.80.18.57 Lake Zurich, United States, ASN6079 (RCN-AS, US),
Reverse DNS: mateseconsulting.com
Software: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 /
Resource Hash: 31f86de099333264e6aee0176f075d3698af1d94bdc060c9e307ed72e253b753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.steepleweb.com/global/css/champaign.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 18:42:11 GMT
Last-Modified: Fri, 12 Aug 2016 04:47:22 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
ETag: "5fdb662-772-539d893fb8d95"
Content-Type: image/png
Cache-Control: max-age=864000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1906
Expires: Sun, 24 Oct 2021 18:42:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 559B 10 KB
5 KB 54ms
16ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plainstrack.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:25:32 GMT
expires: Wed, 27 Oct 2021 21:25:32 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 76599
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 64ms
21ms Script
text/javascript 64.233.166.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.plainstrack.com
URL: https://www.plainstrack.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 6501
date: Thu, 14 Oct 2021 16:53:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 14 Oct 2021 18:53:50 GMT

GET yql
query.yahooapis.com/v1/public/ 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
659 B 101ms
30ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.plainstrack.com&callback=_gfp_s_&client=ca-pub-4357940515248644

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4357940515248644&plah=www.plainstrack.com&bust=31063156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e39420040332a3ac2e7c2a68032148b8e1e4e513508da0a26e3208bcfa92bcad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 91ms
36ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.plainstrack.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 82ms
33ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plainstrack.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E883 102 KB
36 KB 689ms
663ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=250&slotname=4544737989&adk=2570267000&adf=3683768922&pi=t.ma~as.4544737989&w=250&lmt=1634236931&psa=0&format=250x250&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931787&bpp=17&bdt=771&idt=81&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=727239234585&frm=20&pv=2&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=971&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=bNOAHHnz3e&p=https%3A//www.plainstrack.com&dtd=98

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

5bb5875f469b83730a4379c163ce7048a9537dff4a948782b022b0ce730d4f63

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIbluf7GyvMCFYqddwodeSAHyw&gqi=A3poYYSYOJKWrATInaKoBg&layout=/sadbundle/%24csp%253Der3%24/16845640505538247780/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4357940515248644&output=html&h=250&slotname=4544737989&adk=2570267000&adf=3683768922&pi=t.ma~as.4544737989&w=250&lmt=1634236931&psa=0&format=250x250&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931787&bpp=17&bdt=771&idt=81&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=727239234585&frm=20&pv=2&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=971&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=bNOAHHnz3e&p=https%3A//www.plainstrack.com&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plainstrack.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIbluf7GyvMCFYqddwodeSAHyw&gqi=A3poYYSYOJKWrATInaKoBg&layout=/sadbundle/%24csp%253Der3%24/16845640505538247780/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 18:42:12 GMT
server: cafe
content-length: 36468
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 18:57:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 18:42:12 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 557B 142 KB
19 KB 1008ms
1006ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=90&slotname=1791799816&adk=3091447901&adf=2150344420&pi=t.ma~as.1791799816&w=728&lmt=1634236931&psa=0&format=728x90&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931804&bpp=1&bdt=787&idt=101&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=456&ady=2282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=3UeKmqTlGs&p=https%3A//www.plainstrack.com&dtd=103

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ec0944465d2f2ea8958eb927533bc3e499d3197d89b565157c1bca794419eadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4357940515248644&output=html&h=90&slotname=1791799816&adk=3091447901&adf=2150344420&pi=t.ma~as.1791799816&w=728&lmt=1634236931&psa=0&format=728x90&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931804&bpp=1&bdt=787&idt=101&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=456&ady=2282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=3UeKmqTlGs&p=https%3A//www.plainstrack.com&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plainstrack.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 18:42:12 GMT
server: cafe
content-length: 19267
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 18:57:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 18:42:12 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 769A 0
19 B 24ms
24ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&adk=522671305&adf=1178619241&lmt=1634236931&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.plainstrack.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931839&bpp=1&bdt=822&idt=72&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250%2C728x90&nras=1&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=79

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4357940515248644&output=html&adk=522671305&adf=1178619241&lmt=1634236931&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.plainstrack.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931839&bpp=1&bdt=822&idt=72&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250%2C728x90&nras=1&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plainstrack.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 18:42:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 18:57:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 18:42:11 GMT
cache-control: private

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 50ms
24ms Image
image/gif 64.233.166.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1795175967&utmhn=www.plainstrack.com&utme=8(Package*TeamID*TeamName*Level)9(Silver*21*Pleasant%20Plains%20HS%20(IL%271*High%20School)11(1*1*4!1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Plains%20Track%20%26%20Field%20and%20Cross%20Country%20-&utmhid=1422306627&utmr=-&utmp=%2F&utmht=1634236931935&utmac=UA-13069691-1&utmcc=__utma%3D210176724.2044693654.1634236932.1634236932.1634236932.1%3B%2B__utmz%3D210176724.1634236932.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=170686755&utmredir=3&utmu=qQAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: www.plainstrack.com
URL: https://www.plainstrack.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.166.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Oct 2021 18:42:11 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame E883 18 KB
8 KB 87ms
23ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=250&slotname=4544737989&adk=2570267000&adf=3683768922&pi=t.ma~as.4544737989&w=250&lmt=1634236931&psa=0&format=250x250&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931787&bpp=17&bdt=771&idt=81&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=727239234585&frm=20&pv=2&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=971&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=bNOAHHnz3e&p=https%3A//www.plainstrack.com&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 18:33:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E883 3 KB
1 KB 109ms
45ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 18:39:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E883 123 KB
38 KB 97ms
42ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 18:42:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E883 14 KB
6 KB 90ms
26ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 18:40:14 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/ Frame 7FC3 17 KB
5 KB 96ms
42ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

fa9f91a2c12b100fee5238d4fbbdd070a9c129047a53210feeb6094e781ed41c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16845640505538247780/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 11 Oct 2021 11:22:06 GMT
expires: Tue, 11 Oct 2022 11:22:06 GMT
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 3418
age: 285606
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E883 0
0 57ms
56ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdXXTA3poYcbXOIq73gP5wJzYDLq_qKpirpbj-ugM2dkeEAEgjcvlDGCV4pCCoAegAbWQxMADyAEJqAMByANIqgT1AU_QhP_1-dK21zeYzDfLAZDn48z0JqOY4DoXtdi-UcvBCFpPqKg7ENjfGiNUsUmGacCrBYE0U5j27jggx2BNZqhFFpxjsGgv5uFi7qL-Xm208442Q1EfRnfofV0OGJ6b54o95GT3H32jvaN7lWiJI5qMeB7v3vUtEVxX4ZJYOynCvgAnNn2_Z2oAoLUEfm5qy3l9xZlYKZFl4r0E2Ba1zO4Dbg2ZtcG8lgQxFQSuZoXYycLMctHAEnN63Uh845nu1mionWAMLiYFGlxtLEG2dN-NmPfxLMesPn9skXeiVLbpDc0UuNY6VE8dSu-t9SMkK0-9n_3awATkoLeCtwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQ3MkC0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQzNTc5NDA1MTUyNDg2NDQYAA&sigh=KXcXTbwDkJU&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=250&slotname=4544737989&adk=2570267000&adf=3683768922&pi=t.ma~as.4544737989&w=250&lmt=1634236931&psa=0&format=250x250&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931787&bpp=17&bdt=771&idt=81&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=727239234585&frm=20&pv=2&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=971&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=bNOAHHnz3e&p=https%3A//www.plainstrack.com&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 18:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Oct 2021 18:42:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3C9 143 B
163 B 14ms
13ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=250&slotname=4544737989&adk=2570267000&adf=3683768922&pi=t.ma~as.4544737989&w=250&lmt=1634236931&psa=0&format=250x250&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931787&bpp=17&bdt=771&idt=81&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=727239234585&frm=20&pv=2&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=971&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=bNOAHHnz3e&p=https%3A//www.plainstrack.com&dtd=98
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmwbNPZZmQ5QFKj3Iy2y6rcQfYhZaO67qEXvYenyRQxC-0WQKdWyZmq6DQ2MDY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=250&slotname=4544737989&adk=2570267000&adf=3683768922&pi=t.ma~as.4544737989&w=250&lmt=1634236931&psa=0&format=250x250&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931787&bpp=17&bdt=771&idt=81&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=727239234585&frm=20&pv=2&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=971&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=bNOAHHnz3e&p=https%3A//www.plainstrack.com&dtd=98

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 18:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7FC3 9 KB
3 KB 55ms
23ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 15 Oct 2021 13:46:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7FC3 26 KB
10 KB 55ms
24ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 15 Oct 2021 13:46:49 GMT

GET
H3 200 2b040956e0b852f74dc3ceeb77875d75.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/ Frame 7FC3 70 KB
18 KB 57ms
26ms Script
application/x-javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/2b040956e0b852f74dc3ceeb77875d75.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

665912d0b6734bcd2c38d72e39ee9532b3502714f199191414e326a329a65fd2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 477352
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18743
x-xss-protection: 0
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
server: sffe
date: Sat, 09 Oct 2021 06:06:20 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Oct 2022 06:06:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3C9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

47ms
47ms

Document
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmwbNPZZmQ5QFKj3Iy2y6rcQfYhZaO67qEXvYenyRQxC-0WQKdWyZmq6DQ2MDY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 18:42:12 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 19:42:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 18:42:12 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 18:42:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E883 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da0f6532be5ea781a54194f703827efdafa0a3d62bdd59dd4c1e9eb3a8e1798c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 7FC3 3 KB
1 KB 61ms
23ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/2b040956e0b852f74dc3ceeb77875d75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

ESF /

Resource Hash

ee6a89e40c1ebf2f5c7a14b8a0baf70e15b993a6ee3d447e6ea2daf0f9a29d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 17:41:56 GMT
server: ESF
date: Thu, 14 Oct 2021 18:42:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 18:42:12 GMT

GET
H3 200 01fb5aa3c8d9647875f468aa086f6c3c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/media/ Frame 7FC3 53 KB
53 KB 23ms
23ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/media/01fb5aa3c8d9647875f468aa086f6c3c.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

df576de62a501f5fe1e3c2544ce229e8158c6add251dda84a37023ebf0e2bee4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 466635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54424
x-xss-protection: 0
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
server: sffe
date: Sat, 09 Oct 2021 09:04:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Oct 2022 09:04:57 GMT

GET
H3 200 785b8fdb06d9a02af0d0dd2ea4482e40.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/media/ Frame 7FC3 2 KB
2 KB 22ms
21ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/media/785b8fdb06d9a02af0d0dd2ea4482e40.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16845640505538247780/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

cb465f944c2a26046275de84440f0edf43003f9cd2c21e0980710718a674fe9d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 28220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1985
x-xss-protection: 0
last-modified: Sat, 09 Jan 2021 11:45:02 GMT
server: sffe
date: Thu, 14 Oct 2021 10:51:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Oct 2022 10:51:52 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 7FC3 19 KB
20 KB 71ms
21ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:00:09 GMT
x-content-type-options: nosniff
age: 225723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 04:00:09 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 7FC3 20 KB
20 KB 90ms
41ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:800|Montserrat:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 08:45:40 GMT
x-content-type-options: nosniff
age: 208592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:45:40 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109102127000/ Frame 557B 189 KB
55 KB 101ms
21ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=90&slotname=1791799816&adk=3091447901&adf=2150344420&pi=t.ma~as.1791799816&w=728&lmt=1634236931&psa=0&format=728x90&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931804&bpp=1&bdt=787&idt=101&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=456&ady=2282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=3UeKmqTlGs&p=https%3A//www.plainstrack.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55506
x-xss-protection: 0
server: sffe
date: Thu, 14 Oct 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c42e3b94efe0099e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Oct 2022 10:03:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 557B 13 KB
5 KB 146ms
67ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 261120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4995
x-xss-protection: 0
server: sffe
date: Mon, 11 Oct 2021 18:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc03df60ee69192f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Oct 2022 18:10:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 557B 89 KB
28 KB 133ms
56ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 369164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28507
x-xss-protection: 0
server: sffe
date: Sun, 10 Oct 2021 12:09:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "283b6526337df106"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 10 Oct 2022 12:09:29 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 557B 71 KB
17 KB 148ms
71ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5b706a52c0ae673c9803f61e3a901a23c78f6e845a3dc68036c5a4f72602953a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 260576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16796
x-xss-protection: 0
server: sffe
date: Mon, 11 Oct 2021 18:19:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72e3028abbd677c0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Oct 2022 18:19:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 557B 4 KB
2 KB 144ms
68ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 140447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1638
x-xss-protection: 0
server: sffe
date: Wed, 13 Oct 2021 03:41:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b3f838efba7b15f2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Oct 2022 03:41:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 557B 40 KB
13 KB 145ms
68ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 450206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
server: sffe
date: Sat, 09 Oct 2021 13:38:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2e8049efde94274d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 09 Oct 2022 13:38:47 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 557B 2 KB
2 KB 22ms
21ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
server: cafe
age: 19439
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 15 Oct 2021 13:18:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 557B 295 B
319 B 21ms
20ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
age: 78391
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 14 Oct 2021 20:55:41 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 557B 43 B
1 KB 60ms
16ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586235&cb=1010469682

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Gelsenkirchen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 14 Okt 2021 06:42:12 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 14 Oct 2021 18:42:12 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 557B 0
17 B 57ms
56ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co4HpA3poYebhOML03wPRpKuoDbSby7Blvq-pxuwNitGj7b4BEAEgjcvlDGCV4pCCoAegAYuuwOQDyAEJqQJJlUbW8HGzPqgDAcgDCKoE6wFP0EngnweDnYcs7QVGqshnEGoylGsFgroLiWu-oTnl-vgmMZcenPFu8GmzYHfZlP0inDSq7-ZXI3aISrBQFNeM_IpBY0XoHe78mW0zYwZHq2p8Yr9eaIa4gmsPEoT5AwXID_HAloFohM3clWLzAKGNjv0_nmzdd6caLZBXb9uSJACZMPXWIAl4d4YI-5KOOO6KPHEbACfmvXbOJ42dIuZY2lAXPvt_A0179TnZbx5TOu6uu_7vQLMU55Sz96kMwW400F1JJ72qLCtZZ4SxIqeRHLVwz0ZJxQzkVij5JpphHEIP3sGkEjtc4oPLwASMz8jTrAOSBQQIBBgBkgUECAUYBKAGLoAH3dG_G6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQn_cE0ggJCIDhgBAQARhfgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTQzNTc5NDA1MTUyNDg2NDQYAA&sigh=xi8Kw-qXH2w&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4357940515248644&output=html&h=90&slotname=1791799816&adk=3091447901&adf=2150344420&pi=t.ma~as.1791799816&w=728&lmt=1634236931&psa=0&format=728x90&url=https%3A%2F%2Fwww.plainstrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634236931804&bpp=1&bdt=787&idt=101&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&correlator=727239234585&frm=20&pv=1&ga_vid=2044693654.1634236932&ga_sid=1634236932&ga_hid=1422306627&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=456&ady=2282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21066435%2C31063156%2C31062525&oid=2&pvsid=3594915331194261&pem=532&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=3UeKmqTlGs&p=https%3A//www.plainstrack.com&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 18:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 557B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c10df81c0518c28633b51f351e82f2a430299cd83e4ec27694593686e5509af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 txt1.png
tpc.googlesyndication.com/sadbundle/496014155520095111/images/ Frame 557B 4 KB
4 KB 21ms
20ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/496014155520095111/images/txt1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

fb1dde7af1339f2d94e67aef0856df680e35d7cf863936edf007544fd8631119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 08:55:44 GMT
x-content-type-options: nosniff
age: 207988
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3782
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:32:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:55:44 GMT

GET
H3 200 txt2.png
tpc.googlesyndication.com/sadbundle/496014155520095111/images/ Frame 557B 1 KB
1 KB 22ms
21ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/496014155520095111/images/txt2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

996745817132e5698822c3cf56520fbf9f12610807ccbb9c660b68aebb74082f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 06:45:10 GMT
x-content-type-options: nosniff
age: 388622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1213
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:32:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 06:45:10 GMT

GET
H3 200 txt3.png
tpc.googlesyndication.com/sadbundle/496014155520095111/images/ Frame 557B 2 KB
2 KB 23ms
22ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/496014155520095111/images/txt3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a42ff53efccd7fb8d3e5872140bcf26bd1865229dc1a8256f35b8427ce54ea70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 17:59:17 GMT
x-content-type-options: nosniff
age: 175375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2199
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:32:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 17:59:17 GMT

GET
H3 200 preisButt.png
tpc.googlesyndication.com/sadbundle/496014155520095111/images/ Frame 557B 3 KB
3 KB 23ms
22ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/496014155520095111/images/preisButt.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

268944b839943fef35c6ac29da34418af33289e63ddfcedea77712f623b73524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 22:07:40 GMT
x-content-type-options: nosniff
age: 333272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2983
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:32:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 22:07:40 GMT

GET
H3 200 ll.png
tpc.googlesyndication.com/sadbundle/496014155520095111/images/ Frame 557B 871 B
897 B 23ms
22ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/496014155520095111/images/ll.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

4259a17c6fa06fe786c873b13474afa3466a4883157ff660d30dfdfb9e846894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 22:07:40 GMT
x-content-type-options: nosniff
age: 333272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 871
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:32:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 22:07:40 GMT

GET
H3 200 CTA.png
tpc.googlesyndication.com/sadbundle/496014155520095111/images/ Frame 557B 933 B
961 B 23ms
22ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/496014155520095111/images/CTA.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

7b800e8299d563c5ff1a28e3c22c5f85999bafe7dd20954ddf5e65c96873abbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 15:01:46 GMT
x-content-type-options: nosniff
age: 531626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 933
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:32:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Oct 2022 15:01:46 GMT

GET
H3 200 DBx.png
tpc.googlesyndication.com/sadbundle/496014155520095111/images/ Frame 557B 1 KB
1 KB 23ms
23ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/496014155520095111/images/DBx.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

d5b604601ccbbf3154b1b116626d02937a42286c5a57546997044157f0681751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 18:12:17 GMT
x-content-type-options: nosniff
age: 174595
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:32:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 18:12:17 GMT

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FC3 35 KB
13 KB 14ms
13ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 18:25:47 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012109102127000/ 20 KB
7 KB 63ms
21ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

ea837fce2c9f11270b9b941e875abb7403de8dcfa960350eab3524663869d6ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 396362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7337
x-xss-protection: 0
server: sffe
date: Sun, 10 Oct 2021 04:36:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "baff4e4cf8d00f8d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 10 Oct 2022 04:36:11 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 557B 2 KB
2 KB 20ms
20ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
server: cafe
age: 19440
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 15 Oct 2021 13:18:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 557B 295 B
326 B 20ms
20ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
age: 78392
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 14 Oct 2021 20:55:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 49ms
28ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

646c2045e4193c6df9d9cfd8f114dc910b9089631120c8e43204c25dc310d7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 18:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8434
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 14 Oct 2021 18:42:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 01E0 12 KB
5 KB 20ms
20ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plainstrack.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 14 Oct 2021 16:04:25 GMT
expires: Fri, 14 Oct 2022 16:04:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6EDF 783 B
534 B 96ms
36ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

86ef3f99a228eb98dc5bf8962b291ba9d160dd95cbeddac8b748aaefd1604a85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VIHN2MtqsmZKhdJcIxTZNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plainstrack.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 14 Oct 2021 18:42:13 GMT
date: Thu, 14 Oct 2021 18:42:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VIHN2MtqsmZKhdJcIxTZNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 01E0 35 KB
13 KB 13ms
13ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 18:25:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6EDF 0
0 111ms
110ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=3594915331194261&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=3594915331194261&bg=!QkGlQQXNAAbGFvHlxhY7ACkAdvg8Wq-ohwroUjafQ70faJrH2c5XSG6OH84ZK0yTRx5LeoJ2fQGTjQIAAABiUgAAAAhoAQcKAOC9c0oHfm8Q0mU2hJ0uHLzyXmLPM2lUUtbeO4S0r3f19hOfR-Mh0CcdSCDFzWTil1X8LBqwVc4o-n2_GdsKdgms-UTgc9VN8DGqIjrrr_vZpuiLRbPy-KTw58GZ7sxsZMZgP-C_M7HRQNQucwxKday7zm-O7ZJSBROOiGU517f9uLU2Dl2mkAtAU7wo-FLF-25buMr42iyuE3w7zmhOtn_2aGPmhzH3yjnda9wWTC7jbUic3qopD3XFGqgM_LnOy7b57j3uEnTZwGADuhaREmgQLUbEJtRHi3Pz9K6CfAiN9pkCrzw2xMIav8UE5MOSOxietcOEkNJ4OhaxDLB0CSWzP8d-wc2YCKDmI8cl_mkBEv1MUDN_p734yr5v9fkND7fd9nkpFA2BTr1IivQLhD1z1LLci2bOtNhAWfn4mS6PZBPbLmzcd4KwzTs83ixLklzAA8eXMXv3_6SelYtjRCWEYdDh5VEQClRpkYyACzvl0AdVVfGx5b0elRt5Ycvd3eoP7RaEZ61XfHoP18WSZ1FgT25fUMIAaZ-ivmRxTNxVcl5Jg3GtIcfP6WxG1VEQbd95Sreso5R6kCOAWqr3g6EKnaI_WgAMz-ruyIjSsAOSdpaFEvaq-od4J_b-a2v_AlJRu-n2cE5gxm6YVMnWQnzIx3Fba11AoOql8LC-BufOTx3IsRmal0J2aBn9zYcfaG2DWcO0IjH6laNLfzLyTy1vXFRIrI4_kMBbpd0zIQ5F25-znL6gcMq7DFiMdqFtPhuMRztgUmobvJwuu5HBT5hgSmo2MaphC3FSmhQooXpVWEDKkpceuJMmxQOpoZXUm5SxwqGzKOKwBMECIXxZ7qZtnzp0UhKEA9QQHxSJMzhK_mEfiwmjQRCYQ44i4d_Bf_0Vjk7429Yocw6ojLffMIFZbOJDt85OaTtHwsOsh2JZ-VpboUKs8eApvC7UuqPSg7Em9f6QEfa74a4Ui-WmrS-H5IIC-qhgPn8MUb0gcem8txGBs9OarPkQELeGIMlMLijg9bY1YjAA37zjRpgVrqLFMH-twK7bia_BWiP8_SFjcaFP9H3JG0Zh-V7bff7Sb7m_wMAhrTowXcCClgWqip0PtY8y7YRhxZSazEhbeB-ZlngJVmzGTsJ4RzEqoZqRk6TxhD1npQEAltuNyyEY9xbiqZXUdpbYWmOLKwhxhHO2HeM2vI9Ab7u5iT0UzhzQ1qvOOw

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.plainstrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 18:42:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: query.yahooapis.com
URL: https://query.yahooapis.com/v1/public/yql?format=json&rnd=20219418&diagnostics=true&callback=jQuery110205624778812329998_1634236931621&q=select%20*%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text=%2262677%22)%20and%20u=%22f%22&_=1634236931622

Domain: query.yahooapis.com
URL: https://query.yahooapis.com/v1/public/yql?format=json&rnd=20219418&diagnostics=true&callback=jQuery110205624778812329998_1634236931623&q=select%20*%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text=%2262677%22)%20and%20u=%22f%22&_=1634236931624

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.plainstrack.com/	1969-12-31 23:59:59	Name: sw16 Value: 4a758uq39nsseu0uh1eemk6ob3
.plainstrack.com/	1969-12-31 23:59:59	Name: __utmc Value: 210176724
.plainstrack.com/	1970-01-20 02:20:04	Name: __utmz Value: 210176724.1634236932.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.plainstrack.com/	1970-01-20 15:28:28	Name: __utmv Value: 210176724.\|1=Package=Silver=1^2=TeamID=21=1^4=Level=High%20School=1
.plainstrack.com/	1970-01-19 21:57:17	Name: __utmt Value: 1
.plainstrack.com/	1970-01-20 15:28:28	Name: __utma Value: 210176724.2044693654.1634236932.1634236932.1634236932.1
.plainstrack.com/	1970-01-19 21:57:18	Name: __utmb Value: 210176724.1.10.1634236932
.plainstrack.com/	1970-01-20 07:18:52	Name: __gads Value: ID=6a70da206233f7d4-22cceb76f4ca00af:T=1634236931:RT=1634236931:S=ALNI_MZv8jxArcY7IkuUxNVuRLlITcSMlA
.doubleclick.net/	1970-01-20 07:18:52	Name: IDE Value: AHWqTUmwbNPZZmQ5QFKj3Iy2y6rcQfYhZaO67qEXvYenyRQxC-0WQKdWyZmq6DQ2MDY
.doubleclick.net/	1970-01-19 21:57:17	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:57:20	Name: DSID Value: NO_DATA
m.exactag.com/	1970-01-20 00:06:52	Name: exactag_new_gk Value: 60800ee5372a46a2a0c08a31e535a879%7c13.12.2021+18%3a42%3a12
m.exactag.com/	1970-01-20 02:16:28	Name: exactag_new_uk Value: a214a1bc865a482ca55c9756dea51563%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 9b277f64107c4eeb8ef3a773

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://query.yahooapis.com/v1/public/yql?format=json&rnd=20219418&diagnostics=true&callback=jQuery110205624778812329998_1634236931621&q=select%20%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text=%2262677%22)%20and%20u=%22f%22&_=1634236931622 Message*: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://query.yahooapis.com/v1/public/yql?format=json&rnd=20219418&diagnostics=true&callback=jQuery110205624778812329998_1634236931623&q=select%20%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text=%2262677%22)%20and%20u=%22f%22&_=1634236931624 Message*: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.exactag.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
query.yahooapis.com
stats.g.doubleclick.net
sw1.s3.amazonaws.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.plainstrack.com
www.steepleweb.com
query.yahooapis.com
104.18.10.207
142.250.184.194
142.250.185.163
142.250.185.170
142.250.185.66
142.250.185.68
142.250.185.97
142.250.186.65
142.250.186.98
172.217.16.138
172.217.18.98
172.217.23.98
192.229.233.50
216.80.18.57
52.217.137.97
64.233.166.157
85.14.248.71
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0eba3b642169065b461d6ec59c2bb8b3961e919369d73162313e0990225341f5
10a81afde9ee4d305d9ee31b5f3eb6db4f9b2656131aac38385a25a35dc08cfd
13672e25a646936d48cfed1b766d59b25da2391531b507668f73ce4cc5f9d10d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
208b880c147e39862402b1156cb6ea95dcd5df57eda4ed9ebcc09f03f9b2409d
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
24525c270c42cc76af8a707dd251883090494d97c3861a6a6b3e0f3cf973779b
268944b839943fef35c6ac29da34418af33289e63ddfcedea77712f623b73524
301eae52945aa6840eca5706118876d3c152999a40f85def7fc184163fcdf4f6
31f86de099333264e6aee0176f075d3698af1d94bdc060c9e307ed72e253b753
31fb0a5a9c3ffc2ff538546dc5db11a263875cc49eff6ac44685c6882f508d59
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3dc20cd869d794d7498aba02a09136279e5f604923c21ed1893242038ff3ffa8
4259a17c6fa06fe786c873b13474afa3466a4883157ff660d30dfdfb9e846894
4c10df81c0518c28633b51f351e82f2a430299cd83e4ec27694593686e5509af
4ed746c104ee8f15a51164d92a0658a26842dcb550577f876f4f6d0c8cfc0141
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52a9b85f6e5fdfa0f28766736d6997673b87e0366611208375bc7e16ad655cdb
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
56aa55fef8efc2df0844e91d58884f9722533ce8fcd1ed8fe82fc0591387156c
5b706a52c0ae673c9803f61e3a901a23c78f6e845a3dc68036c5a4f72602953a
5bb5875f469b83730a4379c163ce7048a9537dff4a948782b022b0ce730d4f63
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
646c2045e4193c6df9d9cfd8f114dc910b9089631120c8e43204c25dc310d7fb
665912d0b6734bcd2c38d72e39ee9532b3502714f199191414e326a329a65fd2
6f24b36a8440b32139ca01fece5ac624c01735210c09f30cb3b4d1bd08643299
7203e23eab5ec5055c32c2067f09d71ae173bfea3c1ba300d1fbaeecbafd22d4
74a5c7a89bb616c7f306d54ff3074e93e66fe93e87f15b5451611dc9c5e879d5
7b800e8299d563c5ff1a28e3c22c5f85999bafe7dd20954ddf5e65c96873abbd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b492f0d75f657ec548f87f3707eb4b705eac6229a6a0399da5a6c33bedfa3a
86ef3f99a228eb98dc5bf8962b291ba9d160dd95cbeddac8b748aaefd1604a85
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8a0216787780ae93b95dc13e8a2ae3a2b14b084bdc0b5cd0ae7bc4ca9999f706
8cecfd71f1c0b627771890b2c221dd97fe3e95cb569cc0e8c50fa30d49125da3
9008e76905a644534928cc66c45838c46d477ff7da76c168cd04d74a6e8aa10f
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
996745817132e5698822c3cf56520fbf9f12610807ccbb9c660b68aebb74082f
99a36c2374e0bab216ef70792f68a72b9870011dd7abfce2397b6385f1e72fcd
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
a42ff53efccd7fb8d3e5872140bcf26bd1865229dc1a8256f35b8427ce54ea70
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cd96538e5cba2ea3b69e7f1371916798ee9ef6587c866199e2dc4466f15287
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab6f6533a8d460f0e10106f1aaf11838392a8ec02413920511385267a3f24ecb
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
be1f412b05f5746d45bcf76bcbcb8dda7c4494a8b7aa4756753151c15526fd0a
c2da4720398d9dfc58821573db8754ac6d3d1d3ea612689cc94f1fba3ec8da15
c8995823960fff997e42ee851286efbcce990f13c48a63c42a04319781cc1702
c8c64788c7eee7da2b2295bc5df02555595287e3ac51fd4f235a589d8f54bda0
cb465f944c2a26046275de84440f0edf43003f9cd2c21e0980710718a674fe9d
d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab
d3277ab458813a926a89b77ffc70939e17d33cf2e77c4f24a9e9e43aa570ca0b
d466bc93838c53b47075ba75490fb453aff039193851455b38739f8ce74e8d83
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
d5b604601ccbbf3154b1b116626d02937a42286c5a57546997044157f0681751
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7bcbde97a81c4dc34ea729e2cd3515a2bdbb6773015165437c3b286bb7acdfc
da0f6532be5ea781a54194f703827efdafa0a3d62bdd59dd4c1e9eb3a8e1798c
df576de62a501f5fe1e3c2544ce229e8158c6add251dda84a37023ebf0e2bee4
e21f69b1295c807f95802cf7e1e934b53ea81ee4ae4b3df659537598b9f5d913
e36dc888a9ba5d54dc4ba3a64ea21f889ca2d11dd327998161f8fb1ff1c83bf0
e39420040332a3ac2e7c2a68032148b8e1e4e513508da0a26e3208bcfa92bcad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea837fce2c9f11270b9b941e875abb7403de8dcfa960350eab3524663869d6ff
ebe004f9cd9ad010a7e897afc96e74c46058d0ae8c6cca08bcbd726b8a858589
ec0944465d2f2ea8958eb927533bc3e499d3197d89b565157c1bca794419eadb
ee6a89e40c1ebf2f5c7a14b8a0baf70e15b993a6ee3d447e6ea2daf0f9a29d8e
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
fa9f91a2c12b100fee5238d4fbbdd070a9c129047a53210feeb6094e781ed41c
fb1dde7af1339f2d94e67aef0856df680e35d7cf863936edf007544fd8631119

www.plainstrack.com Open in urlscan Pro 216.80.18.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

98 %HTTPS

0 %IPv6

16 Domains

20 Subdomains

18 IPs

3 Countries

1348 kBTransfer

2459 kBSize

14 Cookies

19 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.plainstrack.com Open in urlscan Pro
216.80.18.57 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

98 %
HTTPS

0 %
IPv6

16
Domains

20
Subdomains

18
IPs

3
Countries

1348 kB
Transfer

2459 kB
Size

14
Cookies

89 HTTP transactions
2 data transactions