www.ip-adress.com Open in urlscan Pro
2606:4700:3030::ac43:9c1b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dialog.lk.dedicatedornot.com/
Effective URL:
https://www.ip-adress.com/website/dialog.lk
Submission: On March 18 via manual (March 18th 2022, 5:14:56 pm UTC) from IN — Scanned from DE

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3030::ac43:9c1b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ip-adress.com. The Cisco Umbrella rank of the primary domain is 268961.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.ip-adress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	148.251.120.226 148.251.120.226	24940 (HETZNER-AS) (HETZNER-AS)
17	2606:4700:303... 2606:4700:3030::ac43:9c1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.217.104.34 95.217.104.34	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:215... 2600:9000:2156:7c00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	54.36.109.46 54.36.109.46	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
58	19

1 148.251.120.226 (Braunlage, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: lychee.pi.activeminds.net

dialog.lk.dedicatedornot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:9c1b (United States)

ASN13335 (CLOUDFLARENET, US)

www.ip-adress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.104.34 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: h-hel-02.ipaddressnetwork.com

wh.ip-adress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7c00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.46 (France)

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ip-adress.com www.ip-adress.com — Cisco Umbrella Rank: 268961 wh.ip-adress.com — Cisco Umbrella Rank: 642181	105 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122	67 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	195 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
3	gstatic.com www.gstatic.com	13 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 488	12 KB
2	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 7742 ezodn.com — Cisco Umbrella Rank: 7515	114 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	36 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 8598	2 KB
1	dedicatedornot.com 1 redirects dialog.lk.dedicatedornot.com	311 B
58	13

	Domain	Requested by
17	www.ip-adress.com	www.ip-adress.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	www.ip-adress.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c.amazon-adsystem.com	www.ip-adress.com c.amazon-adsystem.com
3	www.gstatic.com	3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
3	www.google.com	1 redirects tpc.googlesyndication.com 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
2	fonts.googleapis.com	3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
2	3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	www.ip-adress.com
1	go.ezoic.net	www.ip-adress.com
1	wh.ip-adress.com	www.ip-adress.com
1	ezodn.com	www.ip-adress.com
1	go.ezodn.com	www.ip-adress.com
1	dialog.lk.dedicatedornot.com	1 redirects
58	20

This site contains links to these domains. Also see Links.

Domain
www.ezoic.com
www.trackipaddresses.com
www.ipaddressapi.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
wh.ip-adress.com R3	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.ip-adress.com/website/dialog.lk
Frame ID: 72ACAA46F442709AB8D0FC1100522E6A
Requests: 40 HTTP requests in this frame

Frame: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CD020B10F24DD0AEF6F2642705A17542
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF0FDDE4CC079061A170862C776A67C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 077C51915B5B07483F78A6B0181EDC8C
Requests: 2 HTTP requests in this frame

Frame: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3A5589B6C91571E369D19AA11C9F9F3A
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E48355437C2A769F415FF529E3078B69
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0396E03FBA3954A6CE7BC6B9ED35EA92
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dialog.lk - All you need to know about Dialog

Page URL History Show full URLs

http://dialog.lk.dedicatedornot.com/ HTTP 301
https://www.ip-adress.com/website/dialog.lk Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

58
Requests

100 %
HTTPS

68 %
IPv6

13
Domains

20
Subdomains

19
IPs

4
Countries

589 kB
Transfer

1818 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: http://www.trackipaddresses.com/
Title: IP Location Database Download

Search URL Search Domain Scan URL

URL: https://www.ipaddressapi.com/
Title: IP Location API

Search URL Search Domain Scan URL

URL: https://www.facebook.com/whoisip
Title: Visit ip-adress.com on Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dialog.lk.dedicatedornot.com/ HTTP 301
https://www.ip-adress.com/website/dialog.lk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

58 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request dialog.lk Show response
www.ip-adress.com/website/
Redirect Chain

http://dialog.lk.dedicatedornot.com/
https://www.ip-adress.com/website/dialog.lk

121 KB
32 KB

790ms
740ms

Document
text/html

2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ip-adress.com/website/dialog.lk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94dd1012448e4612c665b0cb210aae67135f3ffd9a7e9e518d373d344399fa3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
display: pub_site_sol
expires: Thu, 17 Mar 2022 17:14:52 GMT
pagespeed: off
response: 200
strict-transport-security: max-age=15724800
vary: Accept-Encoding Accept-Encoding
x-ez-minify-html: 5.67% 119848 / 127051
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ%2FzrB1WAYvYxOdQ174mdQgVpkiLNdpQdgykCp5V7dyg5kz6493nQRc50kEjSIziN4y5L4jJ%2BFzELChpwA8U47X4B346AGgbk1twTmL3MS3RX%2FHGHMoLMJZNBPaBfUkBo7FZbYV3sSEB3JGvj4lF4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6edf9b67bd6d926b-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Fri, 18 Mar 2022 17:14:51 GMT
Server: Apache
Location: https://www.ip-adress.com/website/dialog.lk
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 209
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 78ms
56ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27856
x-xss-protection: 0
server: sffe
etag: "1161 / 93 of 1000 / last-modified: 1647601738"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Mar 2022 17:14:52 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 377 KB
112 KB 82ms
35ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,appnexus,criteo,ix,medianet,oftmedia,onetag,pubmatic,rhythmone,rubicon,sovrn,unruly&cb=195-0-35
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90af7ba4acfaa3e4a194523f2bb9512cfdbd68677ec0a1385fea1b6106b6480f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 13:32:39 GMT
server: cloudflare
age: 13333
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdcOgAT8B%2BzilYm%2FQkV2I33NnmCqtj3YeU9NmIuyHSvsKxXj44DI7IUYjvPfetOXakBTIljnJz6cyy%2BMxegMFJ3DMzID19z2ZoBAecVCcD62BMY%2FtW%2FBUq7OtvpCCqDeot5K8if5r%2Bt%2Be4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6edf9b6ccaa5900c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 36ms
8ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 469
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1SMVARZRK5AK5T12RR17
date: Fri, 18 Mar 2022 17:07:04 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FLyg9KJJC9LCyAEhdo2vtB6yxmC9ePt0vy9d8av3_MSRHhYH-p6ugg==

GET
H2 200 consentsettings.js Show response
ezodn.com/detroitchicago/ 1 KB
1 KB 95ms
33ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/detroitchicago/consentsettings.js?cb=2
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2482959
cf-ray: 6edf9b6ced4641f0-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Feb 2022 18:12:19 GMT
server: cloudflare
etag: W/"5be-5d83ab4f474b6;5d83ab4f474b6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx2AI6%2BbkKXO7iq4QzTYJIvvr%2F1jE1rSo4lcZ9%2BQy%2B6cqHbp0GO0ViO5pbcqZlaLrj3On1rfAPzqrAAYGuuXO9j3ALLPxgcRy%2FDAprIbmbQCRyqorgdnp0NoZswEmMgYYGLkc9ejyUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H/1.1 200
OK c1,128,133
wh.ip-adress.com/ 43 B
351 B 153ms
55ms Image
image/gif 95.217.104.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wh.ip-adress.com/c1,128,133

Requested by

Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.217.104.34 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h-hel-02.ipaddressnetwork.com

Software

Apache /

Resource Hash

adbd898659041a06390aec3d886c7669946739187af1dc74ddcc2963a1c8252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 17:14:52 GMT
Referrer-Policy: same-origin
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/gif
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H2 200 ezcl.webp Show response
www.ip-adress.com/utilcave_com/inc/ 1 KB
1 KB 50ms
49ms Script
application/javascript 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: BYPASS
x-sol: middleton
display: staticcontent_sol
x-middleton-display: staticcontent_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVDuIxIhB%2B2X%2FcR%2B5U2frEca56uSlnSlm7kjMX%2F3B87J7vArTdf%2BvFsSo%2F%2BgmiG5YZiZkIcirIJhOIuwtt3vYk3mlCbe63Nlkl3aNEi3duiO9PuxLS7SdyaGYh6kGsKTEnlVmpHrPHA7D6RBOBopYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-ez-minify-js: 0.00% 1337 / 1337
cf-ray: 6edf9b6d18ec926b-FRA

GET
H2 200 banger.js Show response
www.ip-adress.com/porpoiseant/ 53 KB
13 KB 29ms
29ms Script
application/javascript 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/porpoiseant/banger.js?cb=195-0&bv=107&v=57&PageSpeed=off
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd68c052809d8493e51279d412a739271c2f9e007b8eabbe3d8d7c6320cc583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242498
cf-ray: 6edf9b6d18f0926b-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Mar 2022 21:53:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmDSJsVovnb7Cr5MjWPemLDb45gGNfJeX9DdLQ%2FSIACXtqzwpzKcnXdtFaTemzaTwwva%2BhO3bXdPBZIlg8Te0B2rSVEUKMRGaBpS5Zb3CbRYKqTodZdIjOue7VzQdqnYh4Bc9XG8iPlcj1t3ddoPUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 cmbv2.js Show response
www.ip-adress.com/detroitchicago/ 102 KB
31 KB 30ms
30ms Script
application/javascript 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abffe68741b9c1fb75cd6d0082b4a8130b2f994233d464b2f1b37eecf404e3f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123275
cf-ray: 6edf9b6d18f2926b-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:00:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAkGMBoFKx2f9dYmSlv6i%2F8HLrC5NKClZN4Dt0R2V0yZGMlxGiHlhuyJqO%2BmoseKtcjLUGqm49N1FEprCeSbD2j4mvcEQCNDJbbbdp%2Fo62aAc9%2F1DRhjadOsyWLd8O2oh6Po21mpDCWLcZ14QdSMZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 367 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56a17e8fca1802d26a70cc173321ebf630dc724627444f61867228a5e9bdedd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 map-preview.png
www.ip-adress.com/img/ 652 B
2 KB 29ms
29ms Image
image/webp 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ip-adress.com/img/map-preview.png?ezimgfmt=ng%3Awebp%2Fngcb1
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c26be50f520fe80a0433dd437dce754a6dbcf8b591effc95aed8a3fb93449b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1888285
x-amzn-requestid: 833cb180-a112-4c01-bdda-4e77c4160f48
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OCeBpEbhIAMF4BA=
content-length: 652
display: staticcontent_sol
response: 200
last-modified: Thu, 24 Feb 2022 20:43:27 GMT
server: cloudflare
x-amzn-trace-id: Root=1-621743a3-2813ea8f0c3f333a51038058;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7PONcuofsj0EYn9gOL1N4v99%2BJdA2J72Gz1pCnNkloBX%2FkkCfey%2FSSX6AzJ7CcSA2IgIqX5Ma8e98qPgJ%2B%2BxqaNyrNHHFbaEIoVhmAM%2Bj2oLiQ7pjmVjmiLPD1wqrC9Ij1LqBmNQbGEkE6JoHAanQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6edf9b6d498d926b-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: QyH7RmRWUuP1hzK4QeOPtBgWTeJBhzsQjKV0xVCOeCyVYrtK32aBDA==

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 22ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 16:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 16:17:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 94 B
108 B 31ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ip-adress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

57823fee05c94a28bc9d4a44da56715f6f5b4b26ac4427692f03713da6b86635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Fri, 18 Mar 2022 17:14:52 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 47ms
7ms Image
image/png 2600:9000:2156:7c00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7c00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 07:27:28 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-sol: middleton
age: 380844
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: QoUZVF824fqvZL2bhRWcESkQu9hqaz7vEpLtAXRe4ojEfBvrsnb4_g==
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: nginx
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
display: staticcontent_sol
expires: Mon, 21 Mar 2022 07:27:28 GMT

GET
H3 200 houston.js Show response
www.ip-adress.com/detroitchicago/ 4 KB
2 KB 35ms
34ms Script
application/javascript 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/houston.js?gcb=0&cb=16
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1925341
cf-ray: 6edf9b6da9789223-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 10:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUcsQS56RzNpEE9dk6kGQbcJ%2FEqbB8qgZozs8b2iYRjnVFWZTrlC0Y58uL415bV5Li06UNSZ%2FA%2BSm1pitmp8Ry6gkPJ61tfk6Hlmc66yUQ2OaaR4HX6W7yhz9jq69rY0G6O2Uwnrvctgnrk8su4MWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
742 B 9ms
9ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ip-adress.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 12:18:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
server: Server
age: 17787
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ip-adress.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 385
x-amz-cf-id: qh29n7R97CAP4awL5U65AtlW9CcQEZIoH6MYmfEseFroANM-gYwi-Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 54ms
54ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ip-adress.com%2Fwebsite%2Fdialog.lk&pid=7vyHAQxpSz4RP&cb=0&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-medrectangle-3-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-medrectangle-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-medrectangle-4-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-box-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-medrectangle-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-box-4-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-box-4-0_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-box-4-0_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-ip_adress_com-medrectangle-1-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C10705829087%2Fip_adress_com-medrectangle-1%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C8a03286296232049b8cebaa0bc378c38%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: FQCWS8ZSA6Y6Z51WPRSK
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ip-adress.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: k927_aZehFNl6f7mNeap_O115BQ6fRTX8B7lti9BlACNss9zCnw1aQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
9ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 53521
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Fri, 18 Mar 2022 02:22:51 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: y_nrJw_2ionHMajM19iTxfgXxZ1CLQ1yZV4eecCfxw6f_zm-XblEVg==

GET
H3 200 imp.gif Show response
www.ip-adress.com/detroitchicago/ 43 B
665 B 48ms
48ms XHR
image/gif 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A4%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C21%2C22%2C1%2C5%2C3%2C3%2C3%2C4%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A8%2C%22bidder_method%22%3A3%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A5%2C%22domain_id%22%3A330059%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A4%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A4%2C%22page_ad_positions%22%3A%221006%2C1100%2C1102%2C1103%2C1104%2C1105%2C1106%2C1106%2C1106%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2229f35ce6-fda1-4fff-608d-6eb8994e8725%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A32630%2C%22response_time_orig%22%3A452%2C%22serverid%22%3A%223.68.189.33%3A28003%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1102%2C1103%2C1104%2C1105%2C1106%2C1106%2C1106%22%2C%22t_epoch%22%3A1647623691%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.ip-adress.com%2Fwebsite%2Fdialog.lk%22%2C%22user_id%22%3A0%2C%22word_count%22%3A323%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1Y9EvKV1NFj%2B7n3xuAF6vely05pekX8S52QU%2B5Ww888YD0diU6gkQGhp7XnlrdgMvFLjsIeVdgqZHWdlWUDrsZaMW%2FlbMqMQS5k4kDWJk8F286hBZRgw3blBwqFqspA9oYJ6ZH5oIX9yNgeF4W7iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6edf9b6db9b99223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 17 Mar 2022 17:15:07 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 cmbdv2.js Show response
www.ip-adress.com/detroitchicago/ 46 KB
12 KB 27ms
27ms Script
application/javascript 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4y37-23y5a-21&cmbcb=28&sj=x03x0cx18x37x5a
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc58709ec76914ff4ffa5d0f5fa04b5237a4b8e74eb7d65f6b906604cbe8606d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152827
cf-ray: 6edf9b6dc9bd9223-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 22:47:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3sD5e88RWW%2Bl22HoJ93bDAT9%2BHg4FaCLY9tSdJDhr02JPA27J8hE4r4CZYzwqNT80iyoL01Kc1ooch6QolWpnqk%2BlRzTZOeJsFFNnaxwZpfioniUMU0%2BjAfBtOw%2FXGIuhVRh0UOUu%2B3e%2B8tzlYUrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H3 200 nmash.js
www.ip-adress.com/porpoiseant/ 24 KB
7 KB 29ms
29ms Other
application/javascript 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/porpoiseant/nmash.js?v=107
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242498
cf-ray: 6edf9b6dc9be9223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: cloudflare
etag: W/"6003-5d9e556d39bc0;5d9e556d39bc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbsi2%2BLPMS4iVH88UM%2BBoY%2FA1Pp42icT5GDb%2BX3VKi1KAyPe8UQnLVSCp84%2FxznlRNpJYY1%2FGxpBQ0Gz1E6RINV1GyDW%2F16esO9rytVdSzrt493YEWq6Wzp3fGKgCI2mvDIysKlgUQaCMD5uZgXFvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 44ms
16ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Fri, 18 Mar 2022 17:13:11 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 424444826

GET
H3 200 us.png
www.ip-adress.com/flags/ 142 B
1 KB 44ms
44ms Image
image/webp 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ip-adress.com/flags/us.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e96f9c40972d0d2aac1a69e803a0734915e8ad5cde75f112b5b371a9c21dd25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:52 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541104
x-amzn-requestid: d8db5b8d-5866-47e5-9e31-33ab6fec7657
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: O2pRAGoXIAMF0mQ=
content-length: 142
display: staticcontent_sol
response: 200
last-modified: Sat, 12 Mar 2022 10:56:28 GMT
server: cloudflare
x-amzn-trace-id: Root=1-622c226c-0924140e46ef68df698f730a;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVAg0SZNukpaRsRwr0%2BewE0n7kWenoBMSZpyl%2BfcOScxEHi%2FKy91pGbrr5%2FsVuDKUNnGMhkCLbRt8wccAMEqG6YQ9RJgpcO195ZdvaFF5Jg1ef2E99IpGK8uTNMqThjQ%2BRebMJodd3pQl%2By7FXFGQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6edf9b6dc9c39223-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 8Tle3XIytex2XtV_AMWrGBZINBPq4uk33sMoCo3BgRcO2NHE1Ybj8Q==

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 213 B
535 B 39ms
12ms XHR
application/json 54.36.109.46
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.46 , France, ASN16276 (OVH, FR),

Reverse DNS

p01.id5-sync.com

Software

Resource Hash

8d347fc948dcd258a2c57986c919f2c61d8f78efcb867332cd403539833442c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ip-adress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ip-adress.com
Date: Fri, 18 Mar 2022 17:14:52 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 53ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ip-adress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 17:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ip-adress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 17:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
31 KB 472ms
472ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1594271197040781&correlator=3366868489847251&eid=31065657&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=1254144%3A10705829087%2Cip_adress_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3646847864&sfv=1-0-38&ecs=20220318&ists=1&fas=8&fsapi=false&prev_scp=ga%3D2497208%26tap%3Dip_adress_com-pixel1-3103468625075139%26ezoic%3D1%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26ap%3D9999%26iid1%3D3103468625075139%26bra%3Dmod1-c&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1647623693423&lmt=1647623693&dlt=1647623692210&idt=225&biw=1600&bih=1200&adxs=-9&adys=-9&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.ip-adress.com%2Fwebsite%2Fdialog.lk&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1714045894.1647623693&ga_sid=1647623693&ga_hid=1961750685&ga_fc=false&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2afbbd95272b719693403d7e4780b65303687ec679d7e57fd9002d5e03ac8c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31230
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ip-adress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 46ms
22ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08c1b7fad4b14c21309c31ad5e060b31eb95db7cd24368a6a8a777f2e52dee7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 17:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10641
x-xss-protection: 0

GET
H2 200 container.html Show response
3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD02 6 KB
4 KB 72ms
19ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 18 Mar 2022 17:14:53 GMT
expires: Sat, 18 Mar 2023 17:14:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022031401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

08df2978062ef1be1c6237860067c31b5e32c94d01a8b8d4af6d5a4b523e4840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13277
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Mar 2023 18:11:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 66ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 17:14:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF0F 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 16:18:00 GMT
expires: Sat, 18 Mar 2023 16:18:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 3413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 077C 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3e8e3307e78c7f2a9c2922712803bfdde14896255a66f335b2e602d2c98ca04

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O893HbiZ1kh216dvbD8L/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 18 Mar 2022 17:14:53 GMT
date: Fri, 18 Mar 2022 17:14:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-O893HbiZ1kh216dvbD8L/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js Show response
pagead2.googlesyndication.com/bg/ Frame FF0F 35 KB
14 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 327569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 22:15:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 077C 0
0 63ms
61ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=1594271197040781&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF0F 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vdH1LQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3A55 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 17:14:53 GMT
expires: Sat, 18 Mar 2023 17:14:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 greenoaks.gif Show response
www.ip-adress.com/detroitchicago/ 0
623 B 43ms
43ms XHR
text/plain 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOWYzNWNlNi1mZGExLTRmZmYtNjA4ZC02ZWI4OTk0ZTg3MjUiLCJkb21haW5faWQiOiIzMzAwNTkiLCJ0X2Vwb2NoIjoxNjQ3NjIzNjkxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMjlmMzVjZTYtZmRhMS00ZmZmLTYwOGQtNmViODk5NGU4NzI1IiwiZG9tYWluX2lkIjoiMzMwMDU5IiwidF9lcG9jaCI6MTY0NzYyMzY5MSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDMtMTgifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOWYzNWNlNi1mZGExLTRmZmYtNjA4ZC02ZWI4OTk0ZTg3MjUiLCJkb21haW5faWQiOiIzMzAwNTkiLCJ0X2Vwb2NoIjoxNjQ3NjIzNjkxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOWYzNWNlNi1mZGExLTRmZmYtNjA4ZC02ZWI4OTk0ZTg3MjUiLCJkb21haW5faWQiOiIzMzAwNTkiLCJ0X2Vwb2NoIjoxNjQ3NjIzNjkxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjI5ZjM1Y2U2LWZkYTEtNGZmZi02MDhkLTZlYjg5OTRlODcyNSIsImRvbWFpbl9pZCI6IjMzMDA1OSIsInRfZXBvY2giOjE2NDc2MjM2OTEsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:53 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LskUV7k6wzHsxgeIb4SJnQwwjeqWBVCw7auhTD2n0SHmHuS0CA1OzaTGuRebuAD4Wihkoe5Keqwo4t5Eb7NiCT2NtMR%2BH5nnu%2B4qgQS4U9%2B85K5aor2akVq1oS7NrX4jQ%2FZY%2Blg789M%2BxUmOCKjTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6edf9b77189d9223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 17 Mar 2022 17:14:53 GMT

GET
H3 200 greenoaks.gif Show response
www.ip-adress.com/detroitchicago/ 0
619 B 32ms
32ms XHR
text/plain 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOWYzNWNlNi1mZGExLTRmZmYtNjA4ZC02ZWI4OTk0ZTg3MjUiLCJkb21haW5faWQiOiIzMzAwNTkiLCJ0X2Vwb2NoIjoxNjQ3NjIzNjkxLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxODIifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjkyMiJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiNCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxOTYifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxOTYifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMjc1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMjlmMzVjZTYtZmRhMS00ZmZmLTYwOGQtNmViODk5NGU4NzI1IiwiZG9tYWluX2lkIjoiMzMwMDU5IiwidF9lcG9jaCI6MTY0NzYyMzY5MSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTA4OCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjI5ZjM1Y2U2LWZkYTEtNGZmZi02MDhkLTZlYjg5OTRlODcyNSIsImRvbWFpbl9pZCI6IjMzMDA1OSIsInRfZXBvY2giOjE2NDc2MjM2OTEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTA4OCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjI5ZjM1Y2U2LWZkYTEtNGZmZi02MDhkLTZlYjg5OTRlODcyNSIsImRvbWFpbl9pZCI6IjMzMDA1OSIsInRfZXBvY2giOjE2NDc2MjM2OTEsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOWYzNWNlNi1mZGExLTRmZmYtNjA4ZC02ZWI4OTk0ZTg3MjUiLCJkb21haW5faWQiOiIzMzAwNTkiLCJ0X2Vwb2NoIjoxNjQ3NjIzNjkxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuNiJ9XX1d
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:53 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQJKQCwyCystyspRbS4loKe4vI%2FfrMRTRuVt15yJ84QaStfLxfE1zZKDJYrIiJRusecF9LKcs2t0SIv3mikhjJGDaW2bOBUhtuB%2FtcqhRrgFCMpC9PqdRZOSb%2BP6mh7VmBvuuhXJHdhFJeyuQ87F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6edf9b77189e9223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 17 Mar 2022 17:14:53 GMT

GET
H3 200 greenoaks.gif Show response
www.ip-adress.com/detroitchicago/ 0
618 B 34ms
33ms XHR
text/plain 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOWYzNWNlNi1mZGExLTRmZmYtNjA4ZC02ZWI4OTk0ZTg3MjUiLCJkb21haW5faWQiOiIzMzAwNTkiLCJ0X2Vwb2NoIjoxNjQ3NjIzNjkxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMjlmMzVjZTYtZmRhMS00ZmZmLTYwOGQtNmViODk5NGU4NzI1IiwiZG9tYWluX2lkIjoiMzMwMDU5IiwidF9lcG9jaCI6MTY0NzYyMzY5MSwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxNjkwIn1dfV0=
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:53 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO%2BTOLc9DmZIUWzbGLE7ev32FB8fUTSDrD84AGDVB19Ekk2ClrlSWlyhzM6h6k2qWCrWI14aKY8vx2ec2xpXKrfFsVrxJKPR4ziJVs6aKu%2BW4e8a2CXq5RvbCku97QFIskmWPagSDlAaRGuiQxosZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6edf9b7718a19223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 17 Mar 2022 17:14:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3A55 4 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 16:48:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 17:14:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 17:14:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E483 8 KB
965 B 32ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:13:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 17:14:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 17:14:53 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E483 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 17:14:14 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame E483 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 17:08:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E483 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 17:13:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E483 117 KB
36 KB 56ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 17:14:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E483 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 17:13:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E483 0
0 32ms
15ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThGOvX8TxkPrxs3uE-27w_k_iqHvG-isRRlb82mFYLeF96mc55Z_0aiaSCn0G5DoXLilRu1eWKYJnvQUC_Sx-4ZAev_g
Requested by: Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 7a99daadf072127ada89333d533e295f.js Show response
www.gstatic.com/mysidia/ Frame E483 28 KB
12 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11822
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:55:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 19:08:18 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame 3A55 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 4666862433802105431
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 17:14:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A55 205 B
294 B 30ms
11ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 16:57:42 GMT
x-content-type-options: nosniff
age: 1032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Mar 2023 16:57:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A55 604 B
917 B 29ms
10ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:01 GMT
x-content-type-options: nosniff
age: 53
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Mar 2023 17:14:01 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0396 143 B
426 B 31ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 18 Mar 2022 17:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0396
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

138ms
122ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
URL: https://3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Mar 2022 17:14:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Mar 2022 17:14:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Mar 2022 17:14:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 greenoaks.gif Show response
www.ip-adress.com/detroitchicago/ 0
620 B 41ms
40ms XHR
text/plain 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOWYzNWNlNi1mZGExLTRmZmYtNjA4ZC02ZWI4OTk0ZTg3MjUiLCJkb21haW5faWQiOiIzMzAwNTkiLCJ0X2Vwb2NoIjoxNjQ3NjIzNjkxLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE4MzkifV19XQ==
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:54 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znBBI6Ul5fZK0SoE59qcwSRm6%2F4sra5fEyBl6F010tNBNDp%2BmGIfAWm5eFAGgP3ZeNkCFDt3tO7dUdveVAQKxfh4S4Ehfieeh7K3zqreumkEduUj1%2F1EdriOFii8zF0t%2FT1NRgKzKCCKJTLaPvyVMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6edf9b7809e19223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 17 Mar 2022 17:14:53 GMT

GET
H3 200 army.gif Show response
www.ip-adress.com/porpoiseant/ 0
625 B 37ms
37ms XHR
text/plain 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzEwMzQ2ODYyNTA3NTEzOSIsImRvbWFpbl9pZCI6IjMzMDA1OSIsInVuaXQiOiJpcF9hZHJlc3NfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDc2MjM2OTEsImF1Y3Rpb25fZXBvY2giOjE2NDc2MjM2OTQsImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMjlmMzVjZTYtZmRhMS00ZmZmLTYwOGQtNmViODk5NGU4NzI1IiwiYmlkX2Zsb29yX2luaXRpYWwiOm51bGwsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjpudWxsLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2MzQsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:54 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=336mzPGyjGkCZV1CBQ0SMZFUcS%2BLUCF4jpEejXi9v5NYx3isWYOjWKR88kT5MlyyGpwVBdvy3EziJcR435F2YQSoShO%2Fgy5qwVRdUEEJLlrQ9l758E8q1ZcuI%2B1WhWUplOu%2F6z3uITJ%2FeIL3Xrl3vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6edf9b7809e59223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 17 Mar 2022 17:15:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=1594271197040781&bg=!jY6ljsrNAAba2mK92to7ACkAdvg8WusJR1Vs_2x7wPCSOT5ZbbjeK6gzKdjJqD9fYxcTIHpUxxJSagIAAABNUgAAAAJoAQeZAs9B4MDYpsO8FMvORiQB7FGeV0Re_9nl0j4BzMJo8p0mVg8b_vP3qWgH1Xoi46T_2yeDnHvfDsALYu1nuKutCZgWod2_cH69SMPBtynxDwNUFIz421bWrMJfIjm86h-rxdX1bqLvOo6229LErnWz9EeEXOQ_z9c3sB1wYWBTtLjWQcaI0S-abeM6gZW7Kglfxcm4XWL5m5nFNdnFNM64iB5oKQUgXqkNd2DLeVY3YjNd7aDBTAXuWzHELqgCRlm0H52NpKjM58Rhh8UGN767ZJ4SJeNhEB8VWMszJnBxVSHR4_GOxiTjECbMO0o9TxYVEqOGkcIzkQVzWQYxuamcrgKTVK_-qFYvsVPdDAUQqcjxmm_LMMxsur7ONJSOgEiSOfgUo2dMnJXP7OqKfQZNuX4JEa6IQvuQQNEtUyH6LdnK2-trP9gCNV2blGbof3Fzw3Vhg0A6A5iJCgHkjaVNhGKH1mAaGrl8jA6jGe3DCp7I0aoXy7WFYFEV-joroa0A0iq4Pz3JEF1J-r7FeHq5Cks5XpYTNJzfxrw3WR-VGgxGs2yP4v1K7VYDeZoUtuBvNDu6Cn8tBm-rv6XI1khTle5ej3HiugcsGBaOrPUlzgSAiUAnyt8xsnC4NqwFTihnSn8ESb3c7-oeUArkxYdOOJKe7eP9Kl5Z3BQSt36whud4xeii67YSXdwd-_uQquzcIVdC5LEMVbO0jA-pxx7XqTW4V1u5hbhRfFW__Uxgxj2PCt9iAwOx_RKNkRjnc8QNkF537shIEAfLdJ3F6BniSJM9una4EURmvcPkAxXdO82tYWf_TcYDsfEbLcVpWP7qpv8A4fGOBbY-Zj5Ghe_Zh5cAK9xK3gN-o3IYLR-dlZRFsZfVWrYvCLTfjoTNbWebgk19yyiAjFRVdVk_QSfGuyIQkVIqfzVKRPcq4bsFLHFlv9R-rljPR4sctWUCKaCcJw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 17:14:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 lcpel.go Show response
www.ip-adress.com/cheetah/ 0
608 B 42ms
41ms XHR
text/plain 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/cheetah/lcpel.go
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/website/dialog.lk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ip-adress.com/website/dialog.lk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Mar 2022 17:14:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCL1CJwCy8Gf9YaFEH3QGvdgX%2BobIiEje7g%2B%2FdezYmOpX9E8%2FecAIl9epX8FzmGWDasH%2FLAf7KF1%2FGVmaJPBvUM6c8m6YYdMocMagZXQJudWQkqdnIgP9GW7wtSW2TN1qvwsJoQBnNnZ9pvogWutgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ip-adress.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 6edf9b7aae439223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 17 Mar 2022 17:14:54 GMT

GET
H3 200 army.gif Show response
www.ip-adress.com/porpoiseant/ 0
624 B 33ms
33ms XHR
text/plain 2606:4700:3030::ac43:9c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ip-adress.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzEwMzQ2ODYyNTA3NTEzOSIsImRvbWFpbl9pZCI6IjMzMDA1OSIsInVuaXQiOiJpcF9hZHJlc3NfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDc2MjM2OTEsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjI5ZjM1Y2U2LWZkYTEtNGZmZi02MDhkLTZlYjg5OTRlODcyNSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAwLDEyMDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMTAzNDY4NjI1MDc1MTM5IiwiZG9tYWluX2lkIjoiMzMwMDU5IiwidW5pdCI6ImlwX2FkcmVzc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0NzYyMzY5MSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMjlmMzVjZTYtZmRhMS00ZmZmLTYwOGQtNmViODk5NGU4NzI1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMTAzNDY4NjI1MDc1MTM5IiwiZG9tYWluX2lkIjoiMzMwMDU5IiwidW5pdCI6ImlwX2FkcmVzc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0NzYyMzY5MSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMjlmMzVjZTYtZmRhMS00ZmZmLTYwOGQtNmViODk5NGU4NzI1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ip-adress.com
URL: https://www.ip-adress.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x36x59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ip-adress.com/website/dialog.lk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrAKXPlw%2FvlqoeAx7yB1Zgh6lnbpmHsmMMxhh3aFBbW%2BuT2T3sAQUen%2F0yfxs2ngWN9OLiM%2BfAUZoV48oD7wyok%2BOu6W8AGIbHdu5ubpLtZmTMOctll0F%2Fd0qBb9cVoRGG4k%2BqMmIHKsOg6KKsqnbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6edf9b807f1b9223-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Thu, 17 Mar 2022 17:14:59 GMT

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ip-adress.com/	1970-01-20 01:40:25	Name: ezoadgid_330059 Value: -1
.ip-adress.com/	1970-01-20 01:40:30	Name: ezoref_330059 Value:
.ip-adress.com/	1970-01-20 01:40:30	Name: ezoab_330059 Value: mod1-c
.ip-adress.com/	1970-01-20 01:40:25	Name: ezopvc_330059 Value: 1
.ip-adress.com/	1970-01-20 01:41:50	Name: ezepvv Value: 1521
.ip-adress.com/	1970-01-20 01:40:25	Name: ezovid_330059 Value: 806960566
.ip-adress.com/	1970-01-20 01:40:25	Name: lp_330059 Value: https://www.ip-adress.com/website/dialog.lk
.ip-adress.com/	1970-01-20 01:43:16	Name: ezovuuidtime_330059 Value: 1647623692
.ip-adress.com/	1970-01-20 01:40:25	Name: ezovuuid_330059 Value: 15814422-8922-4f33-7d12-081c0248b58b
.ip-adress.com/	1970-01-20 10:25:59	Name: ezCMPCCS Value: false
.ip-adress.com/	1970-01-20 10:25:59	Name: ezosuibasgeneris-1 Value: 4392278e-789c-4e31-5df5-ddd8dbaf156a
.ip-adress.com/	1970-01-20 01:43:16	Name: active_template::330059 Value: pub_site.1647623692
www.ip-adress.com/	1970-01-22 14:59:35	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.ip-adress.com/	1970-01-22 14:59:35	Name: ezohw Value: w%3D1600%2Ch%3D1200
www.ip-adress.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.ip-adress.com/	1970-01-20 11:01:59	Name: __gads Value: ID=3e84d3c99aa0f4ad-225d21d960cd0067:T=1647623693:S=ALNI_Mb8jYlIQftc2DRmYGaHqcT4kgMBDw
www.ip-adress.com/	1969-12-31 23:59:59	Name: ezouspva Value: 1
.doubleclick.net/	1970-01-20 01:40:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:01:59	Name: IDE Value: AHWqTUlOTNxMxoPPb88b8eLiqhyEn2lrxFYop6caORqXGqRE8GkW1-ejMAys-HH3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e55067621a3e563d34679c1defd1ede.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
cdn.id5-sync.com
dialog.lk.dedicatedornot.com
ezodn.com
fonts.googleapis.com
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
id5-sync.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
wh.ip-adress.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.ip-adress.com
142.250.181.226
143.204.95.188
148.251.120.226
2600:9000:2156:7c00:2:cb38:840:93a1
2606:4700:3030::ac43:9c1b
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a06:98c1:3120::7
2a06:98c1:3121::7
46.105.202.126
54.36.109.46
95.217.104.34
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08c1b7fad4b14c21309c31ad5e060b31eb95db7cd24368a6a8a777f2e52dee7b
08df2978062ef1be1c6237860067c31b5e32c94d01a8b8d4af6d5a4b523e4840
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
2afbbd95272b719693403d7e4780b65303687ec679d7e57fd9002d5e03ac8c5f
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a17e8fca1802d26a70cc173321ebf630dc724627444f61867228a5e9bdedd3
57823fee05c94a28bc9d4a44da56715f6f5b4b26ac4427692f03713da6b86635
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e96f9c40972d0d2aac1a69e803a0734915e8ad5cde75f112b5b371a9c21dd25
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
8d347fc948dcd258a2c57986c919f2c61d8f78efcb867332cd403539833442c6
90af7ba4acfaa3e4a194523f2bb9512cfdbd68677ec0a1385fea1b6106b6480f
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
94dd1012448e4612c665b0cb210aae67135f3ffd9a7e9e518d373d344399fa3d
a0c26be50f520fe80a0433dd437dce754a6dbcf8b591effc95aed8a3fb93449b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abffe68741b9c1fb75cd6d0082b4a8130b2f994233d464b2f1b37eecf404e3f1
adbd898659041a06390aec3d886c7669946739187af1dc74ddcc2963a1c8252a
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8e3307e78c7f2a9c2922712803bfdde14896255a66f335b2e602d2c98ca04
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
fc58709ec76914ff4ffa5d0f5fa04b5237a4b8e74eb7d65f6b906604cbe8606d
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb
ffd68c052809d8493e51279d412a739271c2f9e007b8eabbe3d8d7c6320cc583

www.ip-adress.com Open in urlscan Pro 2606:4700:3030::ac43:9c1b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

68 %IPv6

13 Domains

20 Subdomains

19 IPs

4 Countries

589 kBTransfer

1818 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ip-adress.com Open in urlscan Pro
2606:4700:3030::ac43:9c1b Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

68 %
IPv6

13
Domains

20
Subdomains

19
IPs

4
Countries

589 kB
Transfer

1818 kB
Size

19
Cookies

58 HTTP transactions
3 data transactions