www.guidetodrawing.com Open in urlscan Pro
216.38.8.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.guidetodrawing.com/
Submission: On December 28 via api (December 28th 2023, 2:51:35 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 20 domains to perform 86 HTTP transactions. The main IP is 216.38.8.35, located in United States and belongs to ASN-GIGENET, US. The main domain is www.guidetodrawing.com.

This is the only time www.guidetodrawing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	216.38.8.35 216.38.8.35	32181 (ASN-GIGENET) (ASN-GIGENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.234.176 52.217.234.176	16509 (AMAZON-02) (AMAZON-02)
3 3	89.207.16.75 89.207.16.75	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	23.216.203.96 23.216.203.96	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	23.211.9.43 23.211.9.43	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1	85.114.131.234 85.114.131.234	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
86	26

9 216.38.8.35 (United States)

ASN32181 (ASN-GIGENET, US)
PTR: shared.host6.namelessdns.com

www.guidetodrawing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.234.176 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.207.16.75 (Amsterdam, Netherlands) 3 redirects

ASN41041 (VCLK-EU-SE, US)

www.ftjcfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tqlkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lduhtrp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.216.203.96 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-203-96.deploy.static.akamaitechnologies.com

www.yceml.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.9.43 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-43.deploy.static.akamaitechnologies.com

adimg.uimserv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.234 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	508 KB
19	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	113 KB
9	guidetodrawing.com www.guidetodrawing.com	677 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal900027.redintelligence.net — Cisco Umbrella Rank: 201555	11 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	128 KB
2	gstatic.com ssl.gstatic.com fonts.gstatic.com	21 KB
2	yceml.net www.yceml.net — Cisco Umbrella Rank: 29103	61 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 77173	95 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	80 KB
1	uimserv.net adimg.uimserv.net — Cisco Umbrella Rank: 84025	5 KB
1	lduhtrp.net 1 redirects www.lduhtrp.net — Cisco Umbrella Rank: 86076	473 B
1	tqlkg.com 1 redirects www.tqlkg.com — Cisco Umbrella Rank: 97551	440 B
1	ftjcfx.com 1 redirects www.ftjcfx.com — Cisco Umbrella Rank: 63311	440 B
1	amazonaws.com s3.amazonaws.com
86	20

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	www.guidetodrawing.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	www.guidetodrawing.com	www.guidetodrawing.com
4	hal900027.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900027.redintelligence.net
4	www.googleadservices.com	www.guidetodrawing.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.guidetodrawing.com www.google-analytics.com
2	ajax.googleapis.com	www.guidetodrawing.com hal900027.redintelligence.net
2	www.yceml.net	www.guidetodrawing.com
1	cdn.contentspread.net	hal900027.redintelligence.net
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ssl.gstatic.com	www.guidetodrawing.com
1	adimg.uimserv.net	www.guidetodrawing.com
1	www.lduhtrp.net	1 redirects
1	www.tqlkg.com	1 redirects
1	www.ftjcfx.com	1 redirects
1	s3.amazonaws.com	www.guidetodrawing.com
1	fonts.googleapis.com	www.guidetodrawing.com
86	28

This site contains links to these domains. Also see Links.

Domain
www.guidetooilpainting.com
www.youtube.com
www.billmartingallery.com
www.kqzyfj.com
www.tkqlhce.com
plus.google.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
contentspread.net R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://www.guidetodrawing.com/
Frame ID: D4CF908B6C563900B3527ABB36DF0036
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 2DB11F04E8EA6940900672F701148DD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523
Frame ID: 2A9F283A74090FC77C15F872CE58CD59
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532
Frame ID: 8174271C4FD74E557F6473FC35EDFB6D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=243348733&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090419&bpp=1&bdt=668&idt=533&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=535
Frame ID: 2222F190AEE6AB91C54A4B0B816B6160
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&adk=1812271804&adf=3025194257&lmt=1703775090&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703775090452&bpp=1&bdt=701&idt=504&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C300x600&nras=1&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=510
Frame ID: 543795909E2DC536B0A7EC1C5E5C7B2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVv_G6AM2ePnk5VpX4c7_Lj3XBh3mFl659g27Av1JEEsTeaKeLiS_oz9U3FughukUSAvdzE4QIZZ-FWF9m_OVnRJRK0b5aAAXLHKGEp_9qkMx4lbuWTSaMwX8lxtUiDioiFSWsmKEJ67DAhUDjCNc1c4TAw9dt4arwoIO-vyoPvyif4gYs
Frame ID: E678EE077E2B571F30EAC7BF36542456
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html
Frame ID: 004AD114D8B1901E9A327ECFF67A0D8C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 24483E7F1D2593A70CF1486C50B93A45
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html
Frame ID: A34B0A65A4FE50FE1FDC93A17165E65F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1492A7CD3CD62E2BD6536AF75F82A615
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8766EF0C94E6A6E8C499CAE656C0AA54
Requests: 3 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=85194700090439004444978012552027&a=5ba72ad6
Frame ID: 54D9580E85A6FEA8BB755B5DC4758A6E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF58F67477C41B09345D3B606E056DD4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B3D324FD4AEDE9DAD05F1E7201AD0CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guide To Drawing

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

73 %
HTTPS

50 %
IPv6

20
Domains

28
Subdomains

26
IPs

4
Countries

1913 kB
Transfer

3655 kB
Size

18
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.guidetooilpainting.com/
Title: GUIDE TO OIL PAINTING

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UCAuTyutXKNO0bqv13PwABng/playlists
Title: OIL PAINTING VIDEOS

Search URL Search Domain Scan URL

URL: http://www.billmartingallery.com/
Title: BILL MARTIN GALLERY

Search URL Search Domain Scan URL

URL: https://www.kqzyfj.com/click-8150597-11688564-1461172716000

Search URL Search Domain Scan URL

URL: http://www.kqzyfj.com/click-8150597-11666919-1462979853000

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-8150597-10564936-1460542082000

Search URL Search Domain Scan URL

URL: https://plus.google.com/115613099953349748793

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.ftjcfx.com/image-8150597-11688564-1461172716000 HTTP 302
https://www.yceml.net/0628/11688564-1621001412367

Request Chain 10

https://www.tqlkg.com/image-8150597-11666919-1462979853000 HTTP 302
https://www.yceml.net/0487/11666919-1497460407410

Request Chain 11

https://www.lduhtrp.net/image-8150597-10564936-1460542082000 HTTP 302
https://adimg.uimserv.net/1und1/Werbemittel_US/fallback/us_generic_st_300x250.gif

Request Chain 19

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1

Request Chain 41

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY2Lc6-gKYRa-gnkBG4H5QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELF-o2PgCMoSJNxdFK9gBjg&google_cver=1

Request Chain 43

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc5MjgxNzgxNTU2NzkzMzM3OA%3D%3D

Request Chain 50

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://googleads.g.doubleclick.net/pagead/adview?ai=C-sf8c4uNZeT8BM-_n88Pnca5qA2JtLOFdZ2hjIKMEuXTxYSZDhABIIectQhglfrwgYwHoAHtwtm1AsgBCagDAcgDAqoE3gFP0OhuO9YDSgZceLmzYKyFPLkYZqI87E0fv6CzKa6R8PbBpQI6UL1u8KYegMUmv81azIfgECqYmZgTKSXM_G5mlnj4dI99dNpMILHRvgQxUvt_-qM6SAt1nRo9XtwFAnk7cNG4xwl4sgZXIoDrppve1QCZU37z5zLfnF1gsatjae2am4f18rgTEdH85yqCp-MOcALdlXqGUUGCxyRcZtXikt3vRYn9lR7qGC-ABQUIeC-jAgaeyZdu1NpGXxH70-GsIzChI-2cARU3k8dflYivvuad7447xtCH6XZYWz7ABOrkqMnOBIgF5Oj43k2SBQQIBBgBkgUECAUYBKAGXYAH-7ymygGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDcygTSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOGpzuiwsoMDmgnMAWh0dHBzOi8vbXVzY2xlLWJvb3N0ZXIuaW8_YnJhbmNoLW5hbWU9Z29vZ2xlJnRlc3QtbmFtZT1nbzR0aWsmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmY2FtcGFpZ25faWQ9MjA4Njg2NDE4OTImYWRncm91cF9pZD0xNTg1MzA2Nzk0MDImYWRfaWQ9Njg1MDI3MTIxNjk3JnV0bV90ZXJtPSZwbGFjZW1lbnQ9d3d3Lmd1aWRldG9kcmF3aW5nLmNvbYAKAcgLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTEwMjUxMTkxNzIwOTE3OTYYAA&sigh=RjDCfiAo5KU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_uVLyHUXSO-v-6_c_nY_RtsYg0d37NwUFe1hqAp1TLYkOGkwfTBapTdkhqimp16sDJB-ItD8A3L06JwKGp6_fQnlYVLrqLFyR5TYYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228726752462638390011%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227148798293632870945%22}&andc=true

Request Chain 67

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce_L1c4uNZa-pBKK8n88PudSZoAuJtLOFdZ2hjIKMEomFu9uXDhABIIectQhglfrwgYwHoAHtwtm1AsgBCagDAcgDAqoE2AFP0FphY0inBiQdkSTHsFbhtrveZuaiuDEEFhhZhwJcswgWFieym9q6O3EKr8y053c67kLQKtqQnQAY6BztK374tDL046CS8HrBIoBUdmPmMGo_xIqQBH77j5uA_6_LvsC0hSafBNh1d3e-Yd-SLleYeCzPnwxtof5e3wg54ApO7xT0Fm8rbGGXJE1xvaLzNMLVYQLvyC2z8cl22vqMbAPTyhPYa8FEKpr6i9k5Z_oXDilC9OhBjCu-sEItUO-hizZMPviFu1KDkIn8tfoA3Qz9SHMFz8ihEcXABOrkqMnOBIgF5Oj43k2SBQQIBBgBkgUECAUYBKAGXYAH-7ymygGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDHxAzSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPrbzeiwsoMDmgnMAWh0dHBzOi8vbXVzY2xlLWJvb3N0ZXIuaW8_YnJhbmNoLW5hbWU9Z29vZ2xlJnRlc3QtbmFtZT1nbzR0aWsmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmY2FtcGFpZ25faWQ9MjA4Njg2NDE4OTImYWRncm91cF9pZD0xNTg1MzA2Nzk0MDImYWRfaWQ9Njg1MDI3MTIxNjk3JnV0bV90ZXJtPSZwbGFjZW1lbnQ9d3d3Lmd1aWRldG9kcmF3aW5nLmNvbYAKAcgLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTEwMjUxMTkxNzIwOTE3OTYYAA&sigh=GOTi57U33h4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_Am-FGus6qQhf3_1DzBQ3SpvsGQcblO_vTcDBpc0wNkef7WXNbIgvYmOSHnmYoBAQp9wxbLBgVeKZDDNCeNtfFNj0H07G11uER9oYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210847610346925022598%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211364154510680039249%22}&andc=true

Request Chain 68

https://hal900027.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=edc5ba0e5f&subid=&uid=467bb4f1b1df97c3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsWc4uNZfCcBabmn88PxcOQsAim5b2gab2YnKfJD_AuEAEgh5y1CGCV-vCBjAfIAQmpAgww-p8ap7I-qAMByAObBKoE9QFP0L6ZztbYTguNMYP2UStZw5VpMtveVzsUrPSOi7o6PIDQLYL837MyhtoGa4Q3gLVCgVHMlpk5Ye_r0-tj9bBWmCt36ox2JS9ET64sdGjUiaKYRTQRWDOTmOWlmxdhz6_vGHY5swC8G0n3dIBvDRVoci9f9OsdomrSUwz0JmPlqmGQP3vYVc48xQiZmnMOXqyzTwIuzGBD0B4aaWH2qO7E-zOmfeCnXNMLHNKdw1fcVtmlynMjfgVIsbeVn60dCE-LAFoqJGi8zSJ262-YcEEkxhcLUJDrsQvbH7az22GKkINytl_USTud2Qjrn6POjN6c8avIgcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliTzs7osLKDA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB%26sig%3DAOD64_15tnpxEx9vgiQ-knsnL3X21veyGA%26client%3Dca-pub-1025119172091796%26dbm_c%3DAKAmf-Axz9t8Cx80_BNFEOIVVHnMLMHriN9y3Z6WvMJlDesVLLhnlERe65YpPvaSoc3SzVvFSwny32eJlhYaJhNMZAxq06zQY27x390bg1k1gAEHqwM4EBYiYBV75AMU-K6I8p4OoUUzYYV2BXE06VWvu4dlZMWagdzijdi95YAiB294BLy_9qs%26cry%3D1%26dbm_d%3DAKAmf-BA8-Zt7NrTf7CLpdHv9KBUdVa8hPllQJIf4k9tQuwcPOXz7LuUjr1sQKhjtlVa9qiIirU916SvqxAhGPzOMTAFCVAQ8tGblebM8F4cDIpp0XnGCdXeXFnJJOHndMUZ3hjNlrHLPaZr6VzVyn0VkLrdia6P-ilq8I2VmNuVD8eVCumElmbLKiDrsxVNhsQ84oW6SIwjjAJeMZH4j5n0Ca8gu7bBnJnqXjr6qVTzDC7ygXfoVmdxT8b1IR6uOE2hSCSV-BgoDhYVnf4WarB8Q8kmE21BLHPp8FuvCplebx7EniQeBbnRKwldNO4h-D6iePx6OZS3x1cmbXLnfj5ZmXiPDbutakgY0gN5iY61k-2KmzuGvZf-1Hu7iesTmSItWuolrYotEyOugj8UtmLWfCIfBxM0tFX_QGGCnF07iemx2IoVitrR9lbjNYsf8mt6uuYnPV-Y3nAaTU1VBpb78HP5RAIjX10co5pYFl5acanVZG7nJUC9suGUdapq0s1D6Z0msMJq%26adurl%3D&documentReferer=http%3A%2F%2Fwww.guidetodrawing.com%2F&ancestorOrigins=http%3A%2F%2Fwww.guidetodrawing.com&random=424275332116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=edc5ba0e5f&subid=&uid=467bb4f1b1df97c3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsWc4uNZfCcBabmn88PxcOQsAim5b2gab2YnKfJD_AuEAEgh5y1CGCV-vCBjAfIAQmpAgww-p8ap7I-qAMByAObBKoE9QFP0L6ZztbYTguNMYP2UStZw5VpMtveVzsUrPSOi7o6PIDQLYL837MyhtoGa4Q3gLVCgVHMlpk5Ye_r0-tj9bBWmCt36ox2JS9ET64sdGjUiaKYRTQRWDOTmOWlmxdhz6_vGHY5swC8G0n3dIBvDRVoci9f9OsdomrSUwz0JmPlqmGQP3vYVc48xQiZmnMOXqyzTwIuzGBD0B4aaWH2qO7E-zOmfeCnXNMLHNKdw1fcVtmlynMjfgVIsbeVn60dCE-LAFoqJGi8zSJ262-YcEEkxhcLUJDrsQvbH7az22GKkINytl_USTud2Qjrn6POjN6c8avIgcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliTzs7osLKDA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB%26sig%3DAOD64_15tnpxEx9vgiQ-knsnL3X21veyGA%26client%3Dca-pub-1025119172091796%26dbm_c%3DAKAmf-Axz9t8Cx80_BNFEOIVVHnMLMHriN9y3Z6WvMJlDesVLLhnlERe65YpPvaSoc3SzVvFSwny32eJlhYaJhNMZAxq06zQY27x390bg1k1gAEHqwM4EBYiYBV75AMU-K6I8p4OoUUzYYV2BXE06VWvu4dlZMWagdzijdi95YAiB294BLy_9qs%26cry%3D1%26dbm_d%3DAKAmf-BA8-Zt7NrTf7CLpdHv9KBUdVa8hPllQJIf4k9tQuwcPOXz7LuUjr1sQKhjtlVa9qiIirU916SvqxAhGPzOMTAFCVAQ8tGblebM8F4cDIpp0XnGCdXeXFnJJOHndMUZ3hjNlrHLPaZr6VzVyn0VkLrdia6P-ilq8I2VmNuVD8eVCumElmbLKiDrsxVNhsQ84oW6SIwjjAJeMZH4j5n0Ca8gu7bBnJnqXjr6qVTzDC7ygXfoVmdxT8b1IR6uOE2hSCSV-BgoDhYVnf4WarB8Q8kmE21BLHPp8FuvCplebx7EniQeBbnRKwldNO4h-D6iePx6OZS3x1cmbXLnfj5ZmXiPDbutakgY0gN5iY61k-2KmzuGvZf-1Hu7iesTmSItWuolrYotEyOugj8UtmLWfCIfBxM0tFX_QGGCnF07iemx2IoVitrR9lbjNYsf8mt6uuYnPV-Y3nAaTU1VBpb78HP5RAIjX10co5pYFl5acanVZG7nJUC9suGUdapq0s1D6Z0msMJq%26adurl%3D&documentReferer=http%3A%2F%2Fwww.guidetodrawing.com%2F&ancestorOrigins=http%3A%2F%2Fwww.guidetodrawing.com&random=424275332116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

86 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.guidetodrawing.com/ 18 KB
5 KB 1645ms
362ms Document
text/html 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

16284378745ff040c677bbcecbe03a604957d36a42b4c785df40b5cb7fc5aa4c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 14:51:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 239ms
84ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29fffd5e93aecf841e2f7885a0b3b091f0f6f52c614d89416c607bf5012d5cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 14:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 12:59:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 14:51:29 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.guidetodrawing.com/site/templates/css/ 98 KB
17 KB 132ms
131ms Stylesheet
text/css 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.guidetodrawing.com/site/templates/css/bootstrap.min.css

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

86c4c3881c024a7d0804f9fe3bd8e89c6587eca60cf9c1916e1ca9f57ced467b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
content-encoding: gzip
last-modified: Wed, 28 Jan 2015 07:48:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 17151
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H/1.1 200
OK bootstrap-theme.min.css
www.guidetodrawing.com/site/templates/css/ 13 KB
2 KB 128ms
126ms Stylesheet
text/css 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.guidetodrawing.com/site/templates/css/bootstrap-theme.min.css

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

98241efed6ff465b0c055a9f8c16124c38059d85fdcf51789b027f503ceda54e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
content-encoding: gzip
last-modified: Wed, 28 Jan 2015 07:48:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1747
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H/1.1 200
OK main.css
www.guidetodrawing.com/site/templates/css/ 4 KB
2 KB 246ms
124ms Stylesheet
text/css 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.guidetodrawing.com/site/templates/css/main.css

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

832e2051282531c551ed7e83699c6218022360fb9179cb2e66da41cc9fa56cd3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2016 01:00:23 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1272
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H/1.1 200
OK modernizr-2.6.2-respond-1.1.0.min.js Show response
www.guidetodrawing.com/site/templates/js/vendor/ 19 KB
8 KB 248ms
127ms Script
application/javascript 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.guidetodrawing.com/site/templates/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
content-encoding: gzip
last-modified: Wed, 28 Jan 2015 07:48:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 8081
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H/1.1 403
Forbidden cookieconsent.latest.min.js
s3.amazonaws.com/cc.silktide.com/ 0
0 288ms
150ms Script
application/xml 52.217.234.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s3.amazonaws.com/cc.silktide.com/cookieconsent.latest.min.js
Requested by: Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/
Protocol: HTTP/1.1
Server: 52.217.234.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK bill.png
www.guidetodrawing.com/site/templates/img/ 322 KB
323 KB 247ms
125ms Image
image/png 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.guidetodrawing.com/site/templates/img/bill.png

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

675fe0dc0bb568b7bc8c4ae826115eb212ac8d414aeae60a7cc9afe42ce76e2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
last-modified: Wed, 28 Jan 2015 07:48:21 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 330139
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H/1.1 200
OK bmg.png
www.guidetodrawing.com/site/templates/img/ 311 KB
311 KB 258ms
130ms Image
image/png 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.guidetodrawing.com/site/templates/img/bmg.png

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

d360119c59c21fed98e11997aeed4f2363a50537f70e02f26613d98f19df79b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
last-modified: Wed, 28 Jan 2015 07:48:21 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 318342
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H/1.1

200
OK

11688564-1621001412367
www.yceml.net/0628/
Redirect Chain

https://www.ftjcfx.com/image-8150597-11688564-1461172716000
https://www.yceml.net/0628/11688564-1621001412367

29 KB
29 KB

138ms
36ms

Image
image/jpeg

23.216.203.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yceml.net/0628/11688564-1621001412367
Requested by: Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/
Protocol: HTTP/1.1
Server: 23.216.203.96 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-216-203-96.deploy.static.akamaitechnologies.com
Software: Resin/4.0.66 /
Resource Hash: 8831a389c93ecab7c1158424469fff19ff9e3e62c020e136a23047171a859436

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 14:51:30 GMT
X-VC-HTTPS: On
Cache-Control: max-age=424717
Server: Resin/4.0.66
Connection: keep-alive
Content-Length: 29338
Expires: Tue, 02 Jan 2024 12:50:07 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Dec 2023 14:51:30 GMT
Server: Resin/4.0.66
Content-Type: text/html; charset=utf-8
Location: https://www.yceml.net/0628/11688564-1621001412367
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-VC-HTTPS: On
Content-Length: 87
Expires: Thu, 28 Dec 2023 14:51:30 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
54 KB 191ms
119ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc177aa221c4e0ad282870bf1dbada5d1bcb83b4026bae2e40e7e07f6d2f320a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 14:51:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54410
X-XSS-Protection: 0
Server: cafe
ETag: 15772983163250789339
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Expires: Thu, 28 Dec 2023 14:51:30 GMT

GET
H/1.1

200
OK

11666919-1497460407410
www.yceml.net/0487/
Redirect Chain

https://www.tqlkg.com/image-8150597-11666919-1462979853000
https://www.yceml.net/0487/11666919-1497460407410

32 KB
32 KB

176ms
57ms

Image
image/jpeg

23.216.203.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yceml.net/0487/11666919-1497460407410
Requested by: Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/
Protocol: HTTP/1.1
Server: 23.216.203.96 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-216-203-96.deploy.static.akamaitechnologies.com
Software: Resin/4.0.66 /
Resource Hash: 85772718da1680a8314d9b2283d92b68c49e64926b225b2821f11278d4d62e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 14:51:30 GMT
X-VC-HTTPS: On
Cache-Control: max-age=451656
Server: Resin/4.0.66
Connection: keep-alive
Content-Length: 32635
Expires: Tue, 02 Jan 2024 20:19:06 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Dec 2023 14:51:30 GMT
Server: Resin/4.0.66
Content-Type: text/html; charset=utf-8
Location: https://www.yceml.net/0487/11666919-1497460407410
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-VC-HTTPS: On
Content-Length: 87
Expires: Thu, 28 Dec 2023 14:51:30 GMT

GET
H2

200

us_generic_st_300x250.gif
adimg.uimserv.net/1und1/Werbemittel_US/fallback/
Redirect Chain

https://www.lduhtrp.net/image-8150597-10564936-1460542082000
https://adimg.uimserv.net/1und1/Werbemittel_US/fallback/us_generic_st_300x250.gif

5 KB
5 KB

224ms
83ms

Image
image/gif

23.211.9.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.uimserv.net/1und1/Werbemittel_US/fallback/us_generic_st_300x250.gif
Requested by: Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/
Protocol: H2
Server: 23.211.9.43 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-43.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3a5a867e5340834df59e9566b2f2ba7ec1e1441ffeed9f0e415931fdb79ce19

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:30 GMT
content-encoding: gzip
last-modified: Thu, 25 Oct 2018 10:29:16 GMT
server: Apache
etag: "1291-5790b131fb700-gzip"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 4732
expires: Tue, 05 Nov 2024 13:15:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Dec 2023 14:51:30 GMT
Server: Resin/4.0.66
Content-Type: text/html; charset=utf-8
Location: https://adimg.uimserv.net/1und1/Werbemittel_US/fallback/us_generic_st_300x250.gif
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-VC-HTTPS: On
Content-Length: 119
Expires: Thu, 28 Dec 2023 14:51:30 GMT

GET
H2 200 gplus-16.png
ssl.gstatic.com/images/icons/ 737 B
1 KB 224ms
73ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/images/icons/gplus-16.png

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcd07bf4ffba2d11c6d69171634486c68daa0d87587a55b9a06cf22170cbf28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:45:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 223552
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 737
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Dec 2024 00:45:38 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
95 KB 146ms
73ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 12:08:32 GMT
X-Content-Type-Options: nosniff
Age: 9778
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 96381
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 27 Dec 2024 12:08:32 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.guidetodrawing.com/site/templates/js/vendor/ 28 KB
8 KB 132ms
132ms Script
application/javascript 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.guidetodrawing.com/site/templates/js/vendor/bootstrap.min.js

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
content-encoding: gzip
last-modified: Wed, 28 Jan 2015 07:48:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7625
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H/1.1 200
OK main.js Show response
www.guidetodrawing.com/site/templates/js/ 933 B
902 B 124ms
124ms Script
application/javascript 216.38.8.35
ASN-GIGENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.guidetodrawing.com/site/templates/js/main.js

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

HTTP/1.1

Server

216.38.8.35 , United States, ASN32181 (ASN-GIGENET, US),

Reverse DNS

shared.host6.namelessdns.com

Software

LiteSpeed /

Resource Hash

0aae081a3719c5925bbc0d0cb89e472c4cad6e480af9d0334263005ff34a47e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:29 GMT
content-encoding: gzip
last-modified: Wed, 28 Jan 2015 07:48:21 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 441
x-xss-protection: 1; mode=block
expires: Thu, 04 Jan 2024 14:51:29 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ 20 KB
20 KB 226ms
73ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.guidetodrawing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 19:48:30 GMT
x-content-type-options: nosniff
age: 241380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20040
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 19:48:30 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 302ms
149ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1025119172091796&plah=www.guidetodrawing.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b26f6f503efe292c68bba1ebbcc6f04dcc9d5538400f66635af8131c604618ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137958
x-xss-protection: 0
server: cafe
etag: 12172135843394565737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:51:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 2DB1 9 KB
4 KB 226ms
72ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.guidetodrawing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

225ms
72ms

Script
text/javascript

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Dec 2023 13:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3793
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Dec 2023 15:48:17 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
227 B 80ms
79ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=394660038&t=pageview&_s=1&dl=http%3A%2F%2Fwww.guidetodrawing.com%2F&ul=en-us&de=UTF-8&dt=Guide%20To%20Drawing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1641883414&gjid=2095715348&cid=54903639.1703775091&tid=UA-1769018-2&_gid=2011748058.1703775091&_r=1&_slc=1&z=1407104932

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

af5f9359680d2f3104b7214edb68fda86a1a57423d2910998f82a4a59777c085

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.guidetodrawing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.guidetodrawing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 222ms
74ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1769018-2&cid=54903639.1703775091&jid=1641883414&gjid=2095715348&_gid=2011748058.1703775091&_u=IEBAAEAAAAAAACAAI~&z=570811518

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.guidetodrawing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 28 Dec 2023 14:51:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.guidetodrawing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
80 KB 242ms
89ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C1M30Y84H5&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc14148c63ea1c38f3e634ac5a66c8d432ec01901b7979521d8a8b412e7d61f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 14:51:30 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A9F 120 KB
40 KB 868ms
868ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1025119172091796&plah=www.guidetodrawing.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecd06ec114b5508ca6e41713dc9df985780e5c31e0bd03c53ad486aaf8f40817

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO-u0uiwsoMDFSLe5wMdOWoGtA&gqi=couNZamxPNu31fAPj5C1uAg&layout=/sadbundle/%24csp%253Der3%24/7687181443436380160/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.guidetodrawing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40625
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO-u0uiwsoMDFSLe5wMdOWoGtA&gqi=couNZamxPNu31fAPj5C1uAg&layout=/sadbundle/%24csp%253Der3%24/7687181443436380160/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:31 GMT
expires: Thu, 28 Dec 2023 14:51:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8174 121 KB
40 KB 796ms
796ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be9e8a6d6a9e49cd2d6f190ad50f71856026e7f72da30e995d36b627878b343f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKSC0-iwsoMDFc_f5wMdHWMO1Q&gqi=couNZfr6PPvU1fAPkK2KoAE&layout=/sadbundle/%24csp%253Der3%24/7687181443436380160/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.guidetodrawing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40666
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKSC0-iwsoMDFc_f5wMdHWMO1Q&gqi=couNZfr6PPvU1fAPkK2KoAE&layout=/sadbundle/%24csp%253Der3%24/7687181443436380160/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:31 GMT
expires: Thu, 28 Dec 2023 14:51:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2222 25 KB
11 KB 716ms
716ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=243348733&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090419&bpp=1&bdt=668&idt=533&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ebbe9044b19f05b90de5ac549c63010db30b98ca29fa982c107c1be0e019349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.guidetodrawing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11073
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:31 GMT
expires: Thu, 28 Dec 2023 14:51:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5437 0
188 B 385ms
385ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&adk=1812271804&adf=3025194257&lmt=1703775090&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703775090452&bpp=1&bdt=701&idt=504&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C300x600&nras=1&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=510

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.guidetodrawing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:31 GMT
expires: Thu, 28 Dec 2023 14:51:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 171ms
61ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C1M30Y84H5&gtm=45je3bt0v9107666448&_p=1703775090798&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=54903639.1703775091&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fwww.guidetodrawing.com%2F&dt=Guide%20To%20Drawing&sid=1703775091&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3114
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C1M30Y84H5&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.guidetodrawing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2222 42 B
173 B 109ms
108ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEmgDNVmHEuJHI88cKAJ4DFB1-1b_PI58QDH2yk_G6FDvgh4S3vtfP8pQ4NRRL3I1ixb56Q_hzi8qA0VlIXz0f6GS4YrJnvWYYp7sfT2kNzjQQpwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=243348733&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090419&bpp=1&bdt=668&idt=533&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2222 89 KB
31 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:51:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2222 3 KB
1 KB 320ms
163ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 11:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 11:12:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2222 20 KB
8 KB 254ms
95ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2222 203 KB
64 KB 384ms
224ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:51:31 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E678 624 B
246 B 115ms
115ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVv_G6AM2ePnk5VpX4c7_Lj3XBh3mFl659g27Av1JEEsTeaKeLiS_oz9U3FughukUSAvdzE4QIZZ-FWF9m_OVnRJRK0b5aAAXLHKGEp_9qkMx4lbuWTSaMwX8lxtUiDioiFSWsmKEJ67DAhUDjCNc1c4TAw9dt4arwoIO-vyoPvyif4gYs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=243348733&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090419&bpp=1&bdt=668&idt=533&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=535
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:31 GMT
expires: Thu, 28 Dec 2023 14:51:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/ Frame 004A 67 KB
20 KB 257ms
170ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd498fd1947a2766f8e5789f96bf580dae97098609c9c7634a175f291cc44dd1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 210092
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18434
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 04:29:59 GMT
expires: Wed, 25 Dec 2024 04:29:59 GMT
last-modified: Fri, 15 Dec 2023 10:31:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8174 23 KB
9 KB 230ms
149ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2448 143 B
166 B 72ms
72ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8174 3 KB
1 KB 316ms
235ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 11:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 11:12:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8174 20 KB
8 KB 164ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8174 203 KB
65 KB 170ms
89ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:51:31 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E678
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1

43 B
769 B

73ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVv_G6AM2ePnk5VpX4c7_Lj3XBh3mFl659g27Av1JEEsTeaKeLiS_oz9U3FughukUSAvdzE4QIZZ-FWF9m_OVnRJRK0b5aAAXLHKGEp_9qkMx4lbuWTSaMwX8lxtUiDioiFSWsmKEJ67DAhUDjCNc1c4TAw9dt4arwoIO-vyoPvyif4gYs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZ0NGrpasfH41nW9RLZVkUyrJk2sUbi3rYT7h136V%2BaGDC%2Bs4dUu8YFAWuujACxzp5xoXD%2FUwsJlBJbyukvRcuKmgse0vKO0hlPOMeG7SrXpjaVrIF4T9ibPohl10TpWaWu%2BxPw%2B2EEJ4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ca9f357b0a4510-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E678
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY2Lc6-gKYRa-gnkBG4H5QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1

43 B
735 B

75ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVv_G6AM2ePnk5VpX4c7_Lj3XBh3mFl659g27Av1JEEsTeaKeLiS_oz9U3FughukUSAvdzE4QIZZ-FWF9m_OVnRJRK0b5aAAXLHKGEp_9qkMx4lbuWTSaMwX8lxtUiDioiFSWsmKEJ67DAhUDjCNc1c4TAw9dt4arwoIO-vyoPvyif4gYs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Qi25wpr6mK0lNndvM7jGAjNq6LfYUXLLIqjcM36L%2BsNEYBy6uG%2FnHDJ4r%2FUH5M%2BHHK5cKhcPGfqwPEvbNCBsklSUVI3FrUlYeA6qG7JT9BFLmrt31nMVokj58bgETbkxN9UJX1xiPXWlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ca9f358b414510-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLnxrdQF5He81I7LqaTKz8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E678
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELF-o2PgCMoSJNxdFK9gBjg&google_cver=1

43 B
844 B

33ms
32ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELF-o2PgCMoSJNxdFK9gBjg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNVv_G6AM2ePnk5VpX4c7_Lj3XBh3mFl659g27Av1JEEsTeaKeLiS_oz9U3FughukUSAvdzE4QIZZ-FWF9m_OVnRJRK0b5aAAXLHKGEp_9qkMx4lbuWTSaMwX8lxtUiDioiFSWsmKEJ67DAhUDjCNc1c4TAw9dt4arwoIO-vyoPvyif4gYs

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
an-x-request-uuid: 2ee8ba38-0c6c-4d67-af83-9c24f2b07d8d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.237; 193.32.248.237; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELF-o2PgCMoSJNxdFK9gBjg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E678
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc5MjgxNzgxNTU2NzkzMzM3OA%3D%3D

170 B
243 B

67ms
67ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc5MjgxNzgxNTU2NzkzMzM3OA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:31 GMT
an-x-request-uuid: f0a94dc6-656e-4dd3-b203-e704637ce84a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc5MjgxNzgxNTU2NzkzMzM3OA%3D%3D
x-proxy-origin: 193.32.248.237; 193.32.248.237; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/ Frame A34B 67 KB
18 KB 221ms
197ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd498fd1947a2766f8e5789f96bf580dae97098609c9c7634a175f291cc44dd1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 210092
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18434
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 04:29:59 GMT
expires: Wed, 25 Dec 2024 04:29:59 GMT
last-modified: Fri, 15 Dec 2023 10:31:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2A9F 23 KB
9 KB 245ms
224ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1492 143 B
166 B 73ms
72ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2A9F 3 KB
1 KB 187ms
167ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 11:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 11:12:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2A9F 20 KB
9 KB 94ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A9F 203 KB
64 KB 246ms
223ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:51:31 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2448
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

82ms
82ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=3708758758&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090418&bpp=1&bdt=666&idt=529&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=1322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=532

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:32 GMT
expires: Thu, 28 Dec 2023 14:51:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2222 0
20 B 106ms
106ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2974210907941&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2222 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2974210907941&version=m202309260101&ct=77&x=1&cor=3896276473019029500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2222 20 KB
13 KB 248ms
248ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ao0miCz7lkE_YuieyE_qMzzxspvUtitQYPYIBJhpyiBWMgTzAS4C0Jjjp4XQOaXQ_3TC-XDIAiWSCv2x6KxZpIeY_poOL59r2OJZIer7D6IuL1vMONiFjC9cT5nuUEn7_UgxIhxn9brkSa5NfQiTu5IErDbl74TioyR3Tap8qXgbvIgrw&cry=1&dbm_d=AKAmf-ATZYHrZzRacWIC_FRQFDtIjpHC4X1zqO1225MrNIVxS4cTTpEtOP74fdrcwmUaYpf70U0uH9vLSeWjENYhUptZ3GieLzYq81X3CcSrnO1Vy2KdIdXHM1x0QrtEpe2wgNkC9SEr3pchbdJyjxk6f_AJFsaxOSSUsF-nBEEmIlYOfD6du4rd3iYSfMc7E8DNNBQsQNhJ2gzkzt5R_RxIfnoZFdQpDur3qx-Xxns9UGaA7ESkk2acoEuKnTmUHbnOpBwfcPW2SVN3Wzx0bkAfpbmNTukXsOnoEI7fH986lPiO2Nui5Fex6_jl0D7uNnYMCvBKgzF9KSN5gR9g8rE0EafBVIp50VMhiPxq3o-kVWkCxxtYTEW9WO58B6roOQNk-fbrbjkW_DA2T_QqlKOtZmqytA_bsN-q1YXQZgXx7zAj21fAWaUuRs1DM-IsA_M1XGnWf1NFo1UXOsxaqYwFTRzb82BziGKyNsQndGC3Ah8FvYWTtiZAfu6l682UHeOV_EFP9sFASGsz5OPxPdbDpKjxkCzxydJB-ez6AkAIgOfvICkm-m1g7oFOALU9iAx1gjfvHAH_A_NytBdyI3uCVpZwA7e0-mVs4K0igpW6WWUljBOKASbnZ1jLY4L4wcRDNhmouTRrlFUBd2T6HuqX-8QfCGwxoBZ9YfbznuTjXIkKFWvyVaOuoFEva6f_gJk7Qtc78XDkUSIxmEx6aHRoIA8Llm3GQ1kJkMoucoBTx9BrRmQPR50SwArCCHbViOq2L8gtfa66L9PeCGU3xhkWRxsl9KsI_8EJxyGsQpNNOWGLjbnfO7sFeCnJF7zkXaqjEVyJ0TCSTJ3WgLQuJ5007o4ounW0HosqCo73L6r-G6Oa-JCIz9PMCXOQFXWgnpNfK0nsTq517-sJYPMG5McplrYVr101VbtHasLtYl8RLQVtSWcTheWz7t08gys35692zXcXBruPsGpAwM3bzkOsJ9Pqspw_hpg1ACdy95FGDKRBMCrY54LJgyf3FPHEeVni6M4tVgMFnCTD_DI2J-WY0iMaYsRVcdAPOW6hwbtPIXznKx13cXD09QReJ8gbI3WLwFcg-BTuwmgtfSVadNKcpsI1ahjLvt7ei6-gqs5nKwkd9ydVLhItICaS06qzHZtBTY0SY8F7bp-pkaLEF03fpeuuEWrnmaeEqiGVogzH7L1MetJgbNcWTblWauY4MDNKc_C8IGowpQZUYVucP3gLz-xDT3AkseHBVIuxO55YQCJwnmHmipxbIR-3HvOjXCc58f0MgSTPrLGj7lXuITkPXgAiKWcXzwAJ-JsKMVdsL7UmQqc4rkBBo82Ptm6K6OnY3iPdFueIKxpmA_iau4PblvOixCyDafjGg40Xz6hcwnLI6EIvZdkzIjp8kbo1Ul88_DVZz6GMhCukpjVfCWXsxPM-32AELNL_XwOuUFLDa9DiAL2yRWSoAcH2fPAi8AnGVdJWfG_w_rsLMczqWSvM1sbuX7xK-5tItMCZk-Qx0YD700Q6DGXMax9WZ3Qx0NGaKsMcwO9qlhfLKyZ8nIjxN2_NaiKyM_OyVUNaG4LxFML5ZenkHd1UN_n0fJdgu0Cyw8ztPc2Z5qwDo-wSfW29TEjD3GPaqTfEzA3CUBa7pzhR87Lxk7WrKJbOYLfPEfYcKb-eNt-YY6v_JpJJ-ggjs8l2nBqFzk8fOwlLbMR2jpPeLUVRCuSU7dYd4zALY7MBJPX3yIIc4ljm18HwZmPFeYmr2UteUSqQuMKxsSK-KWwBKtbV8ynIexo9HNm185R6N3fR9pC1YrC4x2SecEGbk69dFxjvkaoLJJXAo_4TBZ0WY4EuxDzQ3pqqa9oCF4VWVT4RAlKqzKTlLPj9Mamer7PJxNUg3UMt6i1cVkhP5rJgj6qC05S5MpCf9Gpt1-Fe3O5QcuxH2zNs_OOkxLycR4Jz7xujXKkfHeoRE6khxrDINw3HeMMqCHfa4uutO95_6bK4OszapCUfEaArgZvI5BmX1jXmVCbHF0fdTR1k0vkVc3FTjfota0EaofrQFLW_OMwN5SwDlknAX5-d1V8hlYHJTFcmYiOQ4SX0yAXIJcOPZG44kHe4_HI_n9ICfV6jG-AOs4qb_iEY7i80VH50AzGWyjj8NvcTZulFLhkMYZapCED43gzUgxvj3-LPCyiA6RKHH7_MC-sykDncxUVZ-8CcTF3BBE5DWVjmhC59e4XrsKgNRWus-3lO_FDaKpVO2g-yBiwXEnZ4zL-hdb6OkRweDzyw8NDxvsvAYIrT0gAGHRvaOOege1rAWLBGDoenX7BsoCKdp-ooN6sh7pwOPQLf1iKtKZpV2yte8Voy-FVNMlzMQMO9evPwRJZtdYnK2D0AbNjPKSNX-75T9siCkfanyPRUX0707hdjKfQttJ7EYf3_UPF37pjpYJgk7YQHLUn8Z8f38i0J4R66g2PV5SAZWYIb1dN6hACGRv0JCXDulqt3tAeKJPiLN6d-n_kwC7UQLe1A8wpjPZTW4NGelqEy4kw9Mj-0WNT-yv06wuxQBd6wpInxiVq0UOc7ULfHCR7_aVN5d8bppkEk4zXWUdIDvi71MbTdeAdieIRP-4NNwTbThmHta_ff9OSt95f4DVPLG9B2dl3lBHRfO2bU2SuzoxUKOKT18_I2XAnyZT2p8D5eiJIbpcdlSg5YJzoQ6_XaP1xBsQ_Kpn-C-tshHShaarCD7lf0fNCi8mTYGuqs2jnVpUtXk0TbUuxwdsdtnA7SeOJlBwe5V7dEmkulLG62N7fUXy22YUXP5LLWo9AiKU3_12ZJoYD7pWdsbaj-75PQKWucyn-otAhomWoi38ghrnpM_iaQWwqaRAhPyzcKOsRG5rO59cqEatvRqQXCusGZcBgZTgfBCEOYwUwEop_pEo-qm3Bf4baORunvVuVnqbS4-lZeKFRud7VxDzpyd_1jUuaILPGpYjYdVPLFTu7rh_wgD2rjtSLilsfmONXoQF9PxdIfoSegg0s85OAewg4ZnR6K7zeeT47g72jFzHG-LI3d4G9J2WhvEzGe8x3poBPFNSbYMATiuYFELi5_ObL4eLhJOWw2N0i2iGNcoSVCGfKLFe6liRH7TykRqf4kBzcddhebhNkoLt4stmHDtgEHCeQtUuYyFyLk7ewOcRHdjErDD8dzPzXpD-P9-CkWOBRkWQ2QcJVfmLZdETXL_pqukBPxDDLkjBmdLmPXP0z5o83iSmT2SQgEg1fDO1K36V4qzRsLQX2bjyYBn77scaYReS4yn1A8WIbGhEHkoPc-RlrK-2ZaXYPCjr8ejZ_gJ-esta-XNYFfrsWDUjkKZN-p_N8PsDEFB4-k1YDRU_synlBE58xMkTbAeAYmcgYccYbdjUMxkiOYdpl0VDPJjAD4X-YAN0K4I9aaxlF3mjhZLtIEtXv7NrmWSoPXEStobIm-R7ym6EO6hzmBSuUwgVPloMhkmFzC7dPh9aPuc-JJ-0Q_WvMDev87Eq4ixlMb3fsDOcMt3rA1bNNdRK9v5fQd5rOTop05xZPVHbo2ap3BzxNyLXwj79gVRt0tq4T8vIpPDZDnvZbnrZCsEDZlIyz-YqWwkG89Mk2KmYw25Mc6sBa7ij8Hlya0y0wJ5XlnlLoV3-bsAvF0lKVduyuufElThAbR1Ml3Xwa_tT9fcyO7k-wKLtnuDeUPFBxBQjnlc3QwOFqSY73d_1xK_C0khKBd2UjuJaDr6X-att-STMHJNy2JusxJD44HDn6u-c8Ks6vfzvk&cid=CAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.guidetodrawing.com%2F&ds=l&xdt=1&iif=1&cor=3896276473019029500&adk=250412561&idt=153&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd4f1796905260145bb954dd2ef719785a1d5fefe7be66f8de150cc76d88fdd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=243348733&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090419&bpp=1&bdt=668&idt=533&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=535
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13778
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1492
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

83ms
83ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:32 GMT
expires: Thu, 28 Dec 2023 14:51:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A9F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c55f2d3236300245b09889abe0913fd79d7e5ebdb786f8e5dd328ca64a02e35b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8174 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c6c57f1bd8c3b791e093bb009fbb888ddb93dad919b1aa1320e954c4d5ff746

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 004A 16 KB
6 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:29:40 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 004A 34 KB
13 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:07:20 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A34B 16 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:29:40 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A34B 34 KB
13 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:07:20 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2222 41 KB
14 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ao0miCz7lkE_YuieyE_qMzzxspvUtitQYPYIBJhpyiBWMgTzAS4C0Jjjp4XQOaXQ_3TC-XDIAiWSCv2x6KxZpIeY_poOL59r2OJZIer7D6IuL1vMONiFjC9cT5nuUEn7_UgxIhxn9brkSa5NfQiTu5IErDbl74TioyR3Tap8qXgbvIgrw&cry=1&dbm_d=AKAmf-ATZYHrZzRacWIC_FRQFDtIjpHC4X1zqO1225MrNIVxS4cTTpEtOP74fdrcwmUaYpf70U0uH9vLSeWjENYhUptZ3GieLzYq81X3CcSrnO1Vy2KdIdXHM1x0QrtEpe2wgNkC9SEr3pchbdJyjxk6f_AJFsaxOSSUsF-nBEEmIlYOfD6du4rd3iYSfMc7E8DNNBQsQNhJ2gzkzt5R_RxIfnoZFdQpDur3qx-Xxns9UGaA7ESkk2acoEuKnTmUHbnOpBwfcPW2SVN3Wzx0bkAfpbmNTukXsOnoEI7fH986lPiO2Nui5Fex6_jl0D7uNnYMCvBKgzF9KSN5gR9g8rE0EafBVIp50VMhiPxq3o-kVWkCxxtYTEW9WO58B6roOQNk-fbrbjkW_DA2T_QqlKOtZmqytA_bsN-q1YXQZgXx7zAj21fAWaUuRs1DM-IsA_M1XGnWf1NFo1UXOsxaqYwFTRzb82BziGKyNsQndGC3Ah8FvYWTtiZAfu6l682UHeOV_EFP9sFASGsz5OPxPdbDpKjxkCzxydJB-ez6AkAIgOfvICkm-m1g7oFOALU9iAx1gjfvHAH_A_NytBdyI3uCVpZwA7e0-mVs4K0igpW6WWUljBOKASbnZ1jLY4L4wcRDNhmouTRrlFUBd2T6HuqX-8QfCGwxoBZ9YfbznuTjXIkKFWvyVaOuoFEva6f_gJk7Qtc78XDkUSIxmEx6aHRoIA8Llm3GQ1kJkMoucoBTx9BrRmQPR50SwArCCHbViOq2L8gtfa66L9PeCGU3xhkWRxsl9KsI_8EJxyGsQpNNOWGLjbnfO7sFeCnJF7zkXaqjEVyJ0TCSTJ3WgLQuJ5007o4ounW0HosqCo73L6r-G6Oa-JCIz9PMCXOQFXWgnpNfK0nsTq517-sJYPMG5McplrYVr101VbtHasLtYl8RLQVtSWcTheWz7t08gys35692zXcXBruPsGpAwM3bzkOsJ9Pqspw_hpg1ACdy95FGDKRBMCrY54LJgyf3FPHEeVni6M4tVgMFnCTD_DI2J-WY0iMaYsRVcdAPOW6hwbtPIXznKx13cXD09QReJ8gbI3WLwFcg-BTuwmgtfSVadNKcpsI1ahjLvt7ei6-gqs5nKwkd9ydVLhItICaS06qzHZtBTY0SY8F7bp-pkaLEF03fpeuuEWrnmaeEqiGVogzH7L1MetJgbNcWTblWauY4MDNKc_C8IGowpQZUYVucP3gLz-xDT3AkseHBVIuxO55YQCJwnmHmipxbIR-3HvOjXCc58f0MgSTPrLGj7lXuITkPXgAiKWcXzwAJ-JsKMVdsL7UmQqc4rkBBo82Ptm6K6OnY3iPdFueIKxpmA_iau4PblvOixCyDafjGg40Xz6hcwnLI6EIvZdkzIjp8kbo1Ul88_DVZz6GMhCukpjVfCWXsxPM-32AELNL_XwOuUFLDa9DiAL2yRWSoAcH2fPAi8AnGVdJWfG_w_rsLMczqWSvM1sbuX7xK-5tItMCZk-Qx0YD700Q6DGXMax9WZ3Qx0NGaKsMcwO9qlhfLKyZ8nIjxN2_NaiKyM_OyVUNaG4LxFML5ZenkHd1UN_n0fJdgu0Cyw8ztPc2Z5qwDo-wSfW29TEjD3GPaqTfEzA3CUBa7pzhR87Lxk7WrKJbOYLfPEfYcKb-eNt-YY6v_JpJJ-ggjs8l2nBqFzk8fOwlLbMR2jpPeLUVRCuSU7dYd4zALY7MBJPX3yIIc4ljm18HwZmPFeYmr2UteUSqQuMKxsSK-KWwBKtbV8ynIexo9HNm185R6N3fR9pC1YrC4x2SecEGbk69dFxjvkaoLJJXAo_4TBZ0WY4EuxDzQ3pqqa9oCF4VWVT4RAlKqzKTlLPj9Mamer7PJxNUg3UMt6i1cVkhP5rJgj6qC05S5MpCf9Gpt1-Fe3O5QcuxH2zNs_OOkxLycR4Jz7xujXKkfHeoRE6khxrDINw3HeMMqCHfa4uutO95_6bK4OszapCUfEaArgZvI5BmX1jXmVCbHF0fdTR1k0vkVc3FTjfota0EaofrQFLW_OMwN5SwDlknAX5-d1V8hlYHJTFcmYiOQ4SX0yAXIJcOPZG44kHe4_HI_n9ICfV6jG-AOs4qb_iEY7i80VH50AzGWyjj8NvcTZulFLhkMYZapCED43gzUgxvj3-LPCyiA6RKHH7_MC-sykDncxUVZ-8CcTF3BBE5DWVjmhC59e4XrsKgNRWus-3lO_FDaKpVO2g-yBiwXEnZ4zL-hdb6OkRweDzyw8NDxvsvAYIrT0gAGHRvaOOege1rAWLBGDoenX7BsoCKdp-ooN6sh7pwOPQLf1iKtKZpV2yte8Voy-FVNMlzMQMO9evPwRJZtdYnK2D0AbNjPKSNX-75T9siCkfanyPRUX0707hdjKfQttJ7EYf3_UPF37pjpYJgk7YQHLUn8Z8f38i0J4R66g2PV5SAZWYIb1dN6hACGRv0JCXDulqt3tAeKJPiLN6d-n_kwC7UQLe1A8wpjPZTW4NGelqEy4kw9Mj-0WNT-yv06wuxQBd6wpInxiVq0UOc7ULfHCR7_aVN5d8bppkEk4zXWUdIDvi71MbTdeAdieIRP-4NNwTbThmHta_ff9OSt95f4DVPLG9B2dl3lBHRfO2bU2SuzoxUKOKT18_I2XAnyZT2p8D5eiJIbpcdlSg5YJzoQ6_XaP1xBsQ_Kpn-C-tshHShaarCD7lf0fNCi8mTYGuqs2jnVpUtXk0TbUuxwdsdtnA7SeOJlBwe5V7dEmkulLG62N7fUXy22YUXP5LLWo9AiKU3_12ZJoYD7pWdsbaj-75PQKWucyn-otAhomWoi38ghrnpM_iaQWwqaRAhPyzcKOsRG5rO59cqEatvRqQXCusGZcBgZTgfBCEOYwUwEop_pEo-qm3Bf4baORunvVuVnqbS4-lZeKFRud7VxDzpyd_1jUuaILPGpYjYdVPLFTu7rh_wgD2rjtSLilsfmONXoQF9PxdIfoSegg0s85OAewg4ZnR6K7zeeT47g72jFzHG-LI3d4G9J2WhvEzGe8x3poBPFNSbYMATiuYFELi5_ObL4eLhJOWw2N0i2iGNcoSVCGfKLFe6liRH7TykRqf4kBzcddhebhNkoLt4stmHDtgEHCeQtUuYyFyLk7ewOcRHdjErDD8dzPzXpD-P9-CkWOBRkWQ2QcJVfmLZdETXL_pqukBPxDDLkjBmdLmPXP0z5o83iSmT2SQgEg1fDO1K36V4qzRsLQX2bjyYBn77scaYReS4yn1A8WIbGhEHkoPc-RlrK-2ZaXYPCjr8ejZ_gJ-esta-XNYFfrsWDUjkKZN-p_N8PsDEFB4-k1YDRU_synlBE58xMkTbAeAYmcgYccYbdjUMxkiOYdpl0VDPJjAD4X-YAN0K4I9aaxlF3mjhZLtIEtXv7NrmWSoPXEStobIm-R7ym6EO6hzmBSuUwgVPloMhkmFzC7dPh9aPuc-JJ-0Q_WvMDev87Eq4ixlMb3fsDOcMt3rA1bNNdRK9v5fQd5rOTop05xZPVHbo2ap3BzxNyLXwj79gVRt0tq4T8vIpPDZDnvZbnrZCsEDZlIyz-YqWwkG89Mk2KmYw25Mc6sBa7ij8Hlya0y0wJ5XlnlLoV3-bsAvF0lKVduyuufElThAbR1Ml3Xwa_tT9fcyO7k-wKLtnuDeUPFBxBQjnlc3QwOFqSY73d_1xK_C0khKBd2UjuJaDr6X-att-STMHJNy2JusxJD44HDn6u-c8Ks6vfzvk&cid=CAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.guidetodrawing.com%2F&ds=l&xdt=1&iif=1&cor=3896276473019029500&adk=250412561&idt=153&cac=0&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 506784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzc3NTA5MTk1Mzk1OQogIHNlcnZlcl9pcDogMTI2MDU5ODc0CiAgcHJvY2Vzc19pZDogMjI0ODIwODM1Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 2222 0
867 B 216ms
93ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzc3NTA5MTk1Mzk1OQogIHNlcnZlcl9pcDogMTI2MDU5ODc0CiAgcHJvY2Vzc19pZDogMjI0ODIwODM1Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMjIzODMxNjI1NDk2OTEzMTc5CmRlYnVnX2tleTogNjM3MjQ5OTc4MTk5NDY4MDUyNgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMjgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE2MDQxNgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE2OTg2CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x73873211fe1fca080000000000000000","13":"0x149b840c20a2ff630000000000000000","14":"0x4ad8b79c05dca76b0000000000000000","15":"0xb28981e6daf3da450000000000000000"},"debug_key":"6372499781994680526","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"1223831625496913179"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame 2222 11 KB
4 KB 105ms
33ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1703775091085616&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsWc4uNZfCcBabmn88PxcOQsAim5b2gab2YnKfJD_AuEAEgh5y1CGCV-vCBjAfIAQmpAgww-p8ap7I-qAMByAObBKoE9QFP0L6ZztbYTguNMYP2UStZw5VpMtveVzsUrPSOi7o6PIDQLYL837MyhtoGa4Q3gLVCgVHMlpk5Ye_r0-tj9bBWmCt36ox2JS9ET64sdGjUiaKYRTQRWDOTmOWlmxdhz6_vGHY5swC8G0n3dIBvDRVoci9f9OsdomrSUwz0JmPlqmGQP3vYVc48xQiZmnMOXqyzTwIuzGBD0B4aaWH2qO7E-zOmfeCnXNMLHNKdw1fcVtmlynMjfgVIsbeVn60dCE-LAFoqJGi8zSJ262-YcEEkxhcLUJDrsQvbH7az22GKkINytl_USTud2Qjrn6POjN6c8avIgcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliTzs7osLKDA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB%26sig%3DAOD64_15tnpxEx9vgiQ-knsnL3X21veyGA%26client%3Dca-pub-1025119172091796%26dbm_c%3DAKAmf-Axz9t8Cx80_BNFEOIVVHnMLMHriN9y3Z6WvMJlDesVLLhnlERe65YpPvaSoc3SzVvFSwny32eJlhYaJhNMZAxq06zQY27x390bg1k1gAEHqwM4EBYiYBV75AMU-K6I8p4OoUUzYYV2BXE06VWvu4dlZMWagdzijdi95YAiB294BLy_9qs%26cry%3D1%26dbm_d%3DAKAmf-BA8-Zt7NrTf7CLpdHv9KBUdVa8hPllQJIf4k9tQuwcPOXz7LuUjr1sQKhjtlVa9qiIirU916SvqxAhGPzOMTAFCVAQ8tGblebM8F4cDIpp0XnGCdXeXFnJJOHndMUZ3hjNlrHLPaZr6VzVyn0VkLrdia6P-ilq8I2VmNuVD8eVCumElmbLKiDrsxVNhsQ84oW6SIwjjAJeMZH4j5n0Ca8gu7bBnJnqXjr6qVTzDC7ygXfoVmdxT8b1IR6uOE2hSCSV-BgoDhYVnf4WarB8Q8kmE21BLHPp8FuvCplebx7EniQeBbnRKwldNO4h-D6iePx6OZS3x1cmbXLnfj5ZmXiPDbutakgY0gN5iY61k-2KmzuGvZf-1Hu7iesTmSItWuolrYotEyOugj8UtmLWfCIfBxM0tFX_QGGCnF07iemx2IoVitrR9lbjNYsf8mt6uuYnPV-Y3nAaTU1VBpb78HP5RAIjX10co5pYFl5acanVZG7nJUC9suGUdapq0s1D6Z0msMJq%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=243348733&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090419&bpp=1&bdt=668&idt=533&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=535
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c218b9fcda57a79230698c9212c74f7defe07e0e4590de1c2d22ebff5886762f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 14:51:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4135
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8174
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-sf8c4uNZeT8BM-_n88Pnca5qA2JtLOFdZ2hjIKMEuXTxYSZDhABIIectQhglfrwgYwHoAHtwtm1AsgBCagDAcgDAqoE3gFP0OhuO9YDSgZceLmzYKyFPLkYZqI87E0fv6CzKa6R8PbBpQI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228726752462638390011%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window...

0
0

201ms
90ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228726752462638390011%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227148798293632870945%22}&andc=true

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8726752462638390011","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"7148798293632870945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 14:51:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 14:51:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8726752462638390011","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"7148798293632870945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 MB_17346_17346_MA_DE_sen_PRY_HtmlG_Res_300x600_ani_top__mod.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/ Frame A34B 86 KB
86 KB 73ms
73ms Image
image/gif 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/MB_17346_17346_MA_DE_sen_PRY_HtmlG_Res_300x600_ani_top__mod.gif

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=1525168882&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090416&bpp=2&bdt=664&idt=511&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=726075452693&frm=20&pv=2&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f0c7742858ce12e69a8dc76098e2ed5439f10f47588e15cc76ed1ab3dab762d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 17:52:45 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 23 Dec 2023 17:52:45 GMT
x-content-type-options: nosniff
age: 421127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88309
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:31:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8766 38 KB
13 KB 73ms
73ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 191174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2A9F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce_L1c4uNZa-pBKK8n88PudSZoAuJtLOFdZ2hjIKMEomFu9uXDhABIIectQhglfrwgYwHoAHtwtm1AsgBCagDAcgDAqoE2AFP0FphY0inBiQdkSTHsFbhtrveZuaiuDEEFhhZhwJcswgWFie...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210847610346925022598%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_windo...

0
0

200ms
90ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210847610346925022598%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211364154510680039249%22}&andc=true

Requested by

Host: www.guidetodrawing.com
URL: http://www.guidetodrawing.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10847610346925022598","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"11364154510680039249"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 14:51:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 14:51:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10847610346925022598","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"11364154510680039249"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame 2222
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=edc5ba0e5f&subid=&uid=467bb4f1b1df97c3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=edc5ba0e5f&subid=&uid=467bb4f1b1df97c3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
935 B

186ms
121ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=edc5ba0e5f&subid=&uid=467bb4f1b1df97c3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsWc4uNZfCcBabmn88PxcOQsAim5b2gab2YnKfJD_AuEAEgh5y1CGCV-vCBjAfIAQmpAgww-p8ap7I-qAMByAObBKoE9QFP0L6ZztbYTguNMYP2UStZw5VpMtveVzsUrPSOi7o6PIDQLYL837MyhtoGa4Q3gLVCgVHMlpk5Ye_r0-tj9bBWmCt36ox2JS9ET64sdGjUiaKYRTQRWDOTmOWlmxdhz6_vGHY5swC8G0n3dIBvDRVoci9f9OsdomrSUwz0JmPlqmGQP3vYVc48xQiZmnMOXqyzTwIuzGBD0B4aaWH2qO7E-zOmfeCnXNMLHNKdw1fcVtmlynMjfgVIsbeVn60dCE-LAFoqJGi8zSJ262-YcEEkxhcLUJDrsQvbH7az22GKkINytl_USTud2Qjrn6POjN6c8avIgcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliTzs7osLKDA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB%26sig%3DAOD64_15tnpxEx9vgiQ-knsnL3X21veyGA%26client%3Dca-pub-1025119172091796%26dbm_c%3DAKAmf-Axz9t8Cx80_BNFEOIVVHnMLMHriN9y3Z6WvMJlDesVLLhnlERe65YpPvaSoc3SzVvFSwny32eJlhYaJhNMZAxq06zQY27x390bg1k1gAEHqwM4EBYiYBV75AMU-K6I8p4OoUUzYYV2BXE06VWvu4dlZMWagdzijdi95YAiB294BLy_9qs%26cry%3D1%26dbm_d%3DAKAmf-BA8-Zt7NrTf7CLpdHv9KBUdVa8hPllQJIf4k9tQuwcPOXz7LuUjr1sQKhjtlVa9qiIirU916SvqxAhGPzOMTAFCVAQ8tGblebM8F4cDIpp0XnGCdXeXFnJJOHndMUZ3hjNlrHLPaZr6VzVyn0VkLrdia6P-ilq8I2VmNuVD8eVCumElmbLKiDrsxVNhsQ84oW6SIwjjAJeMZH4j5n0Ca8gu7bBnJnqXjr6qVTzDC7ygXfoVmdxT8b1IR6uOE2hSCSV-BgoDhYVnf4WarB8Q8kmE21BLHPp8FuvCplebx7EniQeBbnRKwldNO4h-D6iePx6OZS3x1cmbXLnfj5ZmXiPDbutakgY0gN5iY61k-2KmzuGvZf-1Hu7iesTmSItWuolrYotEyOugj8UtmLWfCIfBxM0tFX_QGGCnF07iemx2IoVitrR9lbjNYsf8mt6uuYnPV-Y3nAaTU1VBpb78HP5RAIjX10co5pYFl5acanVZG7nJUC9suGUdapq0s1D6Z0msMJq%26adurl%3D&documentReferer=http%3A%2F%2Fwww.guidetodrawing.com%2F&ancestorOrigins=http%3A%2F%2Fwww.guidetodrawing.com&random=424275332116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1025119172091796&output=html&h=600&slotname=4293820587&adk=1331782678&adf=243348733&pi=t.ma~as.4293820587&w=300&fwrn=4&fwrnh=100&lmt=1703775090&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.guidetodrawing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1703775090419&bpp=1&bdt=668&idt=533&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=726075452693&frm=20&pv=1&ga_vid=54903639.1703775091&ga_sid=1703775091&ga_hid=394660038&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1300&ady=2292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C42531705%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2059252786311595&tmod=1446438060&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=535
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: ac81f8a850d709867434db9832fa2812c05d210f89144bf4478a2b6fb1f02bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Dec 2023 14:51:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 85194700090439004444978012552027
Connection: close
Content-Length: 329
Expires: Thu, 28 Dec 2023 14:51:32 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 28 Dec 2023 14:51:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=edc5ba0e5f&subid=&uid=467bb4f1b1df97c3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsWc4uNZfCcBabmn88PxcOQsAim5b2gab2YnKfJD_AuEAEgh5y1CGCV-vCBjAfIAQmpAgww-p8ap7I-qAMByAObBKoE9QFP0L6ZztbYTguNMYP2UStZw5VpMtveVzsUrPSOi7o6PIDQLYL837MyhtoGa4Q3gLVCgVHMlpk5Ye_r0-tj9bBWmCt36ox2JS9ET64sdGjUiaKYRTQRWDOTmOWlmxdhz6_vGHY5swC8G0n3dIBvDRVoci9f9OsdomrSUwz0JmPlqmGQP3vYVc48xQiZmnMOXqyzTwIuzGBD0B4aaWH2qO7E-zOmfeCnXNMLHNKdw1fcVtmlynMjfgVIsbeVn60dCE-LAFoqJGi8zSJ262-YcEEkxhcLUJDrsQvbH7az22GKkINytl_USTud2Qjrn6POjN6c8avIgcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliTzs7osLKDA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB%26sig%3DAOD64_15tnpxEx9vgiQ-knsnL3X21veyGA%26client%3Dca-pub-1025119172091796%26dbm_c%3DAKAmf-Axz9t8Cx80_BNFEOIVVHnMLMHriN9y3Z6WvMJlDesVLLhnlERe65YpPvaSoc3SzVvFSwny32eJlhYaJhNMZAxq06zQY27x390bg1k1gAEHqwM4EBYiYBV75AMU-K6I8p4OoUUzYYV2BXE06VWvu4dlZMWagdzijdi95YAiB294BLy_9qs%26cry%3D1%26dbm_d%3DAKAmf-BA8-Zt7NrTf7CLpdHv9KBUdVa8hPllQJIf4k9tQuwcPOXz7LuUjr1sQKhjtlVa9qiIirU916SvqxAhGPzOMTAFCVAQ8tGblebM8F4cDIpp0XnGCdXeXFnJJOHndMUZ3hjNlrHLPaZr6VzVyn0VkLrdia6P-ilq8I2VmNuVD8eVCumElmbLKiDrsxVNhsQ84oW6SIwjjAJeMZH4j5n0Ca8gu7bBnJnqXjr6qVTzDC7ygXfoVmdxT8b1IR6uOE2hSCSV-BgoDhYVnf4WarB8Q8kmE21BLHPp8FuvCplebx7EniQeBbnRKwldNO4h-D6iePx6OZS3x1cmbXLnfj5ZmXiPDbutakgY0gN5iY61k-2KmzuGvZf-1Hu7iesTmSItWuolrYotEyOugj8UtmLWfCIfBxM0tFX_QGGCnF07iemx2IoVitrR9lbjNYsf8mt6uuYnPV-Y3nAaTU1VBpb78HP5RAIjX10co5pYFl5acanVZG7nJUC9suGUdapq0s1D6Z0msMJq%26adurl%3D&documentReferer=http%3A%2F%2Fwww.guidetodrawing.com%2F&ancestorOrigins=http%3A%2F%2Fwww.guidetodrawing.com&random=424275332116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 28 Dec 2023 14:51:32 +0100

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 206ms
90ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 14:51:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8766 39 KB
15 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 12:21:02 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 130ms
90ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 14:51:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8766 0
20 B 110ms
110ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfvgJc4uNZeecOuKKjuwP5N-DsAgAAAAAOAHgBAI&bg=!gYKlgs3NAAY3kmNgF5I7ADQBe5WfONkMDgzs_KBA-HCOOCRTgNYQq30nG6XSjH7mzBO6-JSWn8_gyy-iAlIyR3psBO5fAgAAAD1SAAAAAWgBB5kDI3XVezbiVG3S-1VNKuGO4Ooo87DUy2yXfLepGVx2kNRdB4XyvEETYbtibNZVnQORwdedTYjZYpeN5vtiOVOGL9SGCm-7wTcJijD2gCBUb-CVysWuxD7UYzpQZsSQGX3bEmJtsonwSBLBh-x6ZN8A9MlDO6Hw3kSsXGvCE7DL3-CRkQsNTmpq88ZONurbjV1sU6LZTi8AMKwbnFVlrHftNhl9qUSWPv9l63lSuU8ObPlLi8jc1nXrI9iMwwhlNvG-JDTek_AgErm_s_77esJVbD9rNZzBDbGn-asKXx6WOdnP3Vn0fxiMRQLfrgXQE2FP3N0Jx5EFnje8wpn-VV2kEuxS8R1twPLixAlIaLRRHnqR1cv-SwZAWKzHJVJBDPqW-137KyYeK9C5CJfBeMESuT6AP_0_YrxsVArJw8jnYgqsf7CPsVInXkN6G0jk_Eqe5zfk0rGP9t0cSc4EnvBP05AoeYZJFGgRtXXfoXB2pWEsvWKiHrYGYTY9orI-CeMdzCvUPjHU_Rd6JDoUZ77fK_pQF6dohVzH-WGk9EZfccVtGBWlpGp9fJDzX_IdemwpImEPoDeiKrLFP0Y5rm5MPfVQgjbWF2NwCgAAjloa_fwhBekQRDc2J_WhRIYKPpMa3xwTNfLgVX1bGTDB82QdKw3cR3AZa1d71WH1n3CH3_Fst3cknASnln886aBxUIe85FmUUekwSzgHslm73TEOm-xO_QOSXYan4-ykz9y83Mtcld25-G-41Vp23bPZkRR7txcPHVRMPLXPUAWS2ETycWCSOe-8L6kweq3u1rIVnW3yqyM4HGiu-LHqNSlX81EtdCsrLJ2B2dJiXKpsVlmRubeqm1HREscNMWH6cmQ_bPD0tpcdVLyvL4u7fT28_VFZQyuXijjDgLn3ByHdm3NZr17b3vJSYgC-sx8nr3k02DTjkOmSbSVBDmI0O1zEk_dBVfwJzGCtDOTvBDB_0ek7C6YwiiSh9nNZEeOZTB-tivVSnJyW2Tw7x83FE1gdrQ-AA9TXPSLNSebWgKKT6qUdL2uEvy9FmSF9CE9Jm2C4gWtH8imS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame 54D9 7 KB
3 KB 97ms
33ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=85194700090439004444978012552027&a=5ba72ad6
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=edc5ba0e5f&subid=&uid=467bb4f1b1df97c3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsWc4uNZfCcBabmn88PxcOQsAim5b2gab2YnKfJD_AuEAEgh5y1CGCV-vCBjAfIAQmpAgww-p8ap7I-qAMByAObBKoE9QFP0L6ZztbYTguNMYP2UStZw5VpMtveVzsUrPSOi7o6PIDQLYL837MyhtoGa4Q3gLVCgVHMlpk5Ye_r0-tj9bBWmCt36ox2JS9ET64sdGjUiaKYRTQRWDOTmOWlmxdhz6_vGHY5swC8G0n3dIBvDRVoci9f9OsdomrSUwz0JmPlqmGQP3vYVc48xQiZmnMOXqyzTwIuzGBD0B4aaWH2qO7E-zOmfeCnXNMLHNKdw1fcVtmlynMjfgVIsbeVn60dCE-LAFoqJGi8zSJ262-YcEEkxhcLUJDrsQvbH7az22GKkINytl_USTud2Qjrn6POjN6c8avIgcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliTzs7osLKDA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_jPiVylgb7O3bTFDJQQeUgM0j___-CiAaIlL1qf5a367ToRKZ4lb7r8G7o0LnAqWZzysEQOzxfGSh-SsuqEaR7vH8GLgOTsdEXhgB%26sig%3DAOD64_15tnpxEx9vgiQ-knsnL3X21veyGA%26client%3Dca-pub-1025119172091796%26dbm_c%3DAKAmf-Axz9t8Cx80_BNFEOIVVHnMLMHriN9y3Z6WvMJlDesVLLhnlERe65YpPvaSoc3SzVvFSwny32eJlhYaJhNMZAxq06zQY27x390bg1k1gAEHqwM4EBYiYBV75AMU-K6I8p4OoUUzYYV2BXE06VWvu4dlZMWagdzijdi95YAiB294BLy_9qs%26cry%3D1%26dbm_d%3DAKAmf-BA8-Zt7NrTf7CLpdHv9KBUdVa8hPllQJIf4k9tQuwcPOXz7LuUjr1sQKhjtlVa9qiIirU916SvqxAhGPzOMTAFCVAQ8tGblebM8F4cDIpp0XnGCdXeXFnJJOHndMUZ3hjNlrHLPaZr6VzVyn0VkLrdia6P-ilq8I2VmNuVD8eVCumElmbLKiDrsxVNhsQ84oW6SIwjjAJeMZH4j5n0Ca8gu7bBnJnqXjr6qVTzDC7ygXfoVmdxT8b1IR6uOE2hSCSV-BgoDhYVnf4WarB8Q8kmE21BLHPp8FuvCplebx7EniQeBbnRKwldNO4h-D6iePx6OZS3x1cmbXLnfj5ZmXiPDbutakgY0gN5iY61k-2KmzuGvZf-1Hu7iesTmSItWuolrYotEyOugj8UtmLWfCIfBxM0tFX_QGGCnF07iemx2IoVitrR9lbjNYsf8mt6uuYnPV-Y3nAaTU1VBpb78HP5RAIjX10co5pYFl5acanVZG7nJUC9suGUdapq0s1D6Z0msMJq%26adurl%3D&documentReferer=http%3A%2F%2Fwww.guidetodrawing.com%2F&ancestorOrigins=http%3A%2F%2Fwww.guidetodrawing.com&random=424275332116&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 6b3650b4a66e9166df8f5f6dfc868f68133efd0730cd6120e3baec83f2125bf7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2279
Content-Type: text/html; charset=utf-8
Date: Thu, 28 Dec 2023 14:51:32 GMT
Expires: Thu, 28 Dec 2023 14:51:32 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2222 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c486b3ce8822433f7156e61a4bc9cfafb7e3d64b8a9a73019b5627f64c89cab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 54D9 89 KB
32 KB 226ms
73ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=85194700090439004444978012552027&a=5ba72ad6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:59:52 GMT

GET
H/1.1 200
OK S-300x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 54D9 95 KB
95 KB 164ms
59ms Image
image/gif 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x600.gif
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=85194700090439004444978012552027&a=5ba72ad6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 Loerrach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: a24bf435f35ac214cad692735eb2f8a9235101f45c115b1ef1265cc275cf3c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 14:51:32 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-17bca"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 97226

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame 54D9 0
150 B 98ms
34ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=85194700090439004444978012552027&a=c490c9bf&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=85194700090439004444978012552027&a=5ba72ad6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=85194700090439004444978012552027&a=5ba72ad6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 14:51:33 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 54D9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 271ms
125ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14208044f82d2fb3f294ad90e4897e66b59ae922ed137fa4e8bbf773320a1d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12154
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A9F 42 B
64 B 126ms
112ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6Y52VNch6qwj63UTwNChZ_z_Z6yikHhi7JiywIic2OeXRxNtezYrSYri-YuHyxo88Z9XJn0Lf-K5qzE9-QxpoDPuRjW9vPbNr_37NUYEaI7tYHisAxudAkSsRsSEG6wHa1v2NY7ZqzmkDtsU17Dp3P7ot&sai=AMfl-YRxzb3xXSIlRzXDVg0FvsTR_4Jrhx9TzSYTW4hI1DI2d6PzZj8OwOHgucJnkY2Dxh_fkx55W2hIzSs81xuXlvkMDayRYWo1pYdtmtUmgodyPcM_dP9BLXNi78D98bMI-N5qeFStxslQTMDJb2OzzQ&sig=Cg0ArKJSzAfZ43-2es02EAE&cid=CAQSTwAvHhf_Am-FGus6qQhf3_1DzBQ3SpvsGQcblO_vTcDBpc0wNkef7WXNbIgvYmOSHnmYoBAQp9wxbLBgVeKZDDNCeNtfFNj0H07G11uER9oYAQ&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1331782678&rs=2&la=0&cr=0&vs=4&r=v&rst=1703775090941&rpt=1294&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 14:51:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF58 13 KB
5 KB 74ms
73ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.guidetodrawing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 12:50:19 GMT
expires: Fri, 27 Dec 2024 12:50:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B3D 829 B
996 B 84ms
83ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

929c68a2a8703d093f75bcf75fdbe6282bb42ee6095198bfe70a964918f54494

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n5g0Z-FWeaG8HvXfeasfEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.guidetodrawing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-n5g0Z-FWeaG8HvXfeasfEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 14:51:33 GMT
expires: Thu, 28 Dec 2023 14:51:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FF58 39 KB
15 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 12:21:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B3D 0
0 108ms
106ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2059252786311595&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF58 0
10 B 73ms
73ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lfI4oA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:51:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2222 0
20 B 107ms
107ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2974210907941&version=m202309260101&ct=77&x=1&cor=3896276473019029500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 14:51:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
110ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2059252786311595&bg=!hoWlhcrNAAY3kmNgF5I7ADQBe5WfOAIVqzLtJguHBSaVR-4Z9Sj0z0HvlKBP3nNdBsx9U5hYrT8fmNPG2JYpbnGKahPFAgAAADJSAAAAAWgBB5kC9BlcCuFIvFGWO4ukws7KimRSwsnI6E9rN6hPomyVQelwkX9BjrDb-bTxauH7X9Wk3TvfAAzZbM11kazNxViGpMur1xpOKfLwS0JJet-ITeTNp09GblIUF91YYloGam-yecZr6fbIzigc2vl1ZZh2hqHvwNZoNsxuEmesC3yprebDSvzULkH4ryhVCr4EH3FgedG5JqcPHFbFlHvavrtV1AJjGVtsfmfbpyqVBv_DwoDEyVlGEpfdOWGDqjM8Ok68hAvqsQmLMVS49zsHdoOz_-wkvewQsIi8JHJK1vtdO7b2zUztD9WaF-2mjUQU6xswCXG18GRTJkd2d3Sk9-P8HGRFMDJku7CTI2LKZ1_R9zXrkUPNJUxNbd3xI0jIRZIN_duEUKnLjx58cyGuo23ttgdQ1y4xhzpCC4IWvLVW2z7X4YFH9HzYwvrjsxeIcsKUI6B-Sw_MFk0pks4d7fqSAVp2G8VmnObh5_kGB-44xZo9GXUmvfVTC36eYLF6k8hzOH8m0a779qFsP8miwl2kTGW_GcWndjpXkqIlcffFqKiuLiWy9q7N3tp65g6iRHPwS6n0dVr74LOxnp0SZMvCsNYypwYTxSEfjx_2quKCuvPmpZTiST-YUfPxJoaj2pbwaccJCFkAwuTrkyPTi0qdVB4y0G2SZmsdxgs0VJJ-E3xnN4rKEaDVmnAeK_m-sObBD2IYGFCCucCilmYcKlsPb_nPJteF_Xdji777G_uGCxvqRq-AEkXbtwPiBlbp2wecQNA5EuGYp2htbG88Qog1O7xiKHS_PDLZxAThuOnLFQaZiGX3PrQG7rh9zG4PQl33Th5jLLLpGiXRGkhvtgLfge9l8uNrX4VGILz-l3aMDv3iOMsuYHVC_mseuva6h2eh-oK56V4fjriPpQWWZXKP0VnwzdyI0LBJPERujPoBOuon52cEvirZtFUzVu7ZL8oG9H4Wj9WdkJ6EdaNSZ4L_j5XHz0fXjJTHkeVvBhk1rnHRGofW8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.guidetodrawing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.guidetodrawing.com/	1969-12-31 23:59:59	Name: wire Value: tfdjjolugvvvuvj4qv3spf7p21
.guidetodrawing.com/	1970-01-21 02:52:15	Name: _ga Value: GA1.2.54903639.1703775091
.guidetodrawing.com/	1970-01-20 17:17:41	Name: _gid Value: GA1.2.2011748058.1703775091
.guidetodrawing.com/	1970-01-20 17:16:15	Name: _gat Value: 1
.guidetodrawing.com/	1970-01-21 02:52:15	Name: _ga_C1M30Y84H5 Value: GS1.2.1703775091.1.0.1703775091.0.0.0
.doubleclick.net/	1970-01-21 02:37:51	Name: IDE Value: AHWqTUl6oOQIUF0pSddLOcXexBUIRaiiunYu4mALOb-ZBmIIqyK_ONjV1fXjYOXs
.casalemedia.com/	1970-01-21 02:01:51	Name: CMID Value: ZY2Lc6-gKYRa-gnkBG4H5QAA
.casalemedia.com/	1970-01-20 19:25:51	Name: CMPS Value: 2170
.casalemedia.com/	1970-01-20 19:25:51	Name: CMPRO Value: 2170
.adnxs.com/	1970-01-20 19:25:51	Name: uuid2 Value: 3792817815567933378
.guidetodrawing.com/	1970-01-21 02:37:51	Name: __gads Value: ID=efd927e95c57c98c:T=1703775090:RT=1703775090:S=ALNI_MZkfTbI7bu7LDACzScKNThECYHQRg
.guidetodrawing.com/	1970-01-21 02:37:51	Name: __gpi Value: UID=00000ce8fe9d238e:T=1703775090:RT=1703775090:S=ALNI_MYXWPFnF84ORQ7zVhvs3K6aVNR72A
.adnxs.com/	1970-01-20 19:25:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il_rD/'[!]tbPl1M>e)ZlrFUfJ+tGXxp$Vw8w?8jA>CMc$2K:BiWHEa*kDb#o^Ll]eX$3If)y3KL9D3I?+h#?bjs
.doubleclick.net/	1970-01-20 21:35:27	Name: APC Value: AfxxVi4d3i0ewTgGciG1sEvPfe5SrFmWU3jWSVxFqbkPLBlNHPxnmQ
.doubleclick.net/	1970-01-20 17:16:18	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 17:59:27	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 19:25:51	Name: 8lcfmzhxc8d6_uid Value: 2ce3b2efed9fe4a9
.googleadservices.com/	1970-01-20 19:25:51	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://s3.amazonaws.com/cc.silktide.com/cookieconsent.latest.min.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adimg.uimserv.net
ajax.googleapis.com
cdn.contentspread.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900027.redintelligence.net
ib.adnxs.com
pagead2.googlesyndication.com
region1.google-analytics.com
s3.amazonaws.com
ssl.gstatic.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.ftjcfx.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.guidetodrawing.com
www.lduhtrp.net
www.tqlkg.com
www.yceml.net
138.201.63.116
142.250.181.230
142.250.186.34
142.250.186.66
172.64.151.101
185.89.210.153
2001:4860:4802:32::36
216.38.8.35
23.211.9.43
23.216.203.96
2a00:1450:4001:800::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
52.217.234.176
78.46.111.106
85.114.131.234
89.207.16.75
0aae081a3719c5925bbc0d0cb89e472c4cad6e480af9d0334263005ff34a47e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
14208044f82d2fb3f294ad90e4897e66b59ae922ed137fa4e8bbf773320a1d1d
16284378745ff040c677bbcecbe03a604957d36a42b4c785df40b5cb7fc5aa4c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
29fffd5e93aecf841e2f7885a0b3b091f0f6f52c614d89416c607bf5012d5cb1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c486b3ce8822433f7156e61a4bc9cfafb7e3d64b8a9a73019b5627f64c89cab
3c6c57f1bd8c3b791e093bb009fbb888ddb93dad919b1aa1320e954c4d5ff746
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f0c7742858ce12e69a8dc76098e2ed5439f10f47588e15cc76ed1ab3dab762d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
675fe0dc0bb568b7bc8c4ae826115eb212ac8d414aeae60a7cc9afe42ce76e2c
6b3650b4a66e9166df8f5f6dfc868f68133efd0730cd6120e3baec83f2125bf7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebbe9044b19f05b90de5ac549c63010db30b98ca29fa982c107c1be0e019349
7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f
832e2051282531c551ed7e83699c6218022360fb9179cb2e66da41cc9fa56cd3
85772718da1680a8314d9b2283d92b68c49e64926b225b2821f11278d4d62e7b
86c4c3881c024a7d0804f9fe3bd8e89c6587eca60cf9c1916e1ca9f57ced467b
8831a389c93ecab7c1158424469fff19ff9e3e62c020e136a23047171a859436
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
929c68a2a8703d093f75bcf75fdbe6282bb42ee6095198bfe70a964918f54494
98241efed6ff465b0c055a9f8c16124c38059d85fdcf51789b027f503ceda54e
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a24bf435f35ac214cad692735eb2f8a9235101f45c115b1ef1265cc275cf3c50
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
ac81f8a850d709867434db9832fa2812c05d210f89144bf4478a2b6fb1f02bad
af5f9359680d2f3104b7214edb68fda86a1a57423d2910998f82a4a59777c085
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26f6f503efe292c68bba1ebbcc6f04dcc9d5538400f66635af8131c604618ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bd4f1796905260145bb954dd2ef719785a1d5fefe7be66f8de150cc76d88fdd7
be9e8a6d6a9e49cd2d6f190ad50f71856026e7f72da30e995d36b627878b343f
c218b9fcda57a79230698c9212c74f7defe07e0e4590de1c2d22ebff5886762f
c55f2d3236300245b09889abe0913fd79d7e5ebdb786f8e5dd328ca64a02e35b
cc177aa221c4e0ad282870bf1dbada5d1bcb83b4026bae2e40e7e07f6d2f320a
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d360119c59c21fed98e11997aeed4f2363a50537f70e02f26613d98f19df79b3
dc14148c63ea1c38f3e634ac5a66c8d432ec01901b7979521d8a8b412e7d61f7
dcd07bf4ffba2d11c6d69171634486c68daa0d87587a55b9a06cf22170cbf28f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3a5a867e5340834df59e9566b2f2ba7ec1e1441ffeed9f0e415931fdb79ce19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecd06ec114b5508ca6e41713dc9df985780e5c31e0bd03c53ad486aaf8f40817
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd498fd1947a2766f8e5789f96bf580dae97098609c9c7634a175f291cc44dd1
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.guidetodrawing.com Open in urlscan Pro 216.38.8.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

73 %HTTPS

50 %IPv6

20 Domains

28 Subdomains

26 IPs

4 Countries

1913 kBTransfer

3655 kBSize

18 Cookies

7 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.guidetodrawing.com Open in urlscan Pro
216.38.8.35 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

73 %
HTTPS

50 %
IPv6

20
Domains

28
Subdomains

26
IPs

4
Countries

1913 kB
Transfer

3655 kB
Size

18
Cookies

86 HTTP transactions
4 data transactions