urlscan.io logo urlscan.io
SecurityTrails logo

dnslytics.com Open in urlscan Pro
172.67.186.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://dnslytics.com/ip/183.136.225.56
Submission: On October 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 11 domains to perform 94 HTTP transactions. The main IP is 172.67.186.243, located in United States and belongs to CLOUDFLARENET, US. The main domain is dnslytics.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2021. Valid for: a year.
This is the only time dnslytics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 172.67.186.243 13335 (CLOUDFLAR...)
11 142.250.186.130 15169 (GOOGLE)
4 104.21.19.159 13335 (CLOUDFLAR...)
2 104.21.60.223 13335 (CLOUDFLAR...)
3 142.250.186.110 15169 (GOOGLE)
17 172.217.18.98 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
34 172.217.23.97 15169 (GOOGLE)
3 142.250.186.66 15169 (GOOGLE)
1 2 142.250.186.166 15169 (GOOGLE)
7 142.250.185.97 15169 (GOOGLE)
2 142.250.186.67 15169 (GOOGLE)
3 4 142.250.185.132 15169 (GOOGLE)
94 16
6    172.67.186.243 (United States)

ASN13335 (CLOUDFLARENET, US)
dnslytics.com
static.dnslytics.com
11    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
4    104.21.19.159 (United States)

ASN13335 (CLOUDFLARENET, US)
static.dnslytics.com
2    104.21.60.223 (United States)

ASN13335 (CLOUDFLARENET, US)
maps.dnslytics.net
3    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
www.google-analytics.com
17    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
adservice.google.de
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
adservice.google.com
34    172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googletagservices.com
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
7    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
cdn.ampproject.org
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com
4    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
Domain Requested by
34 tpc.googlesyndication.com googleads.g.doubleclick.net
dnslytics.com
tpc.googlesyndication.com
cdn.ampproject.org
pagead2.googlesyndication.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
dnslytics.com
11 pagead2.googlesyndication.com dnslytics.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 static.dnslytics.com dnslytics.com
static.dnslytics.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
4 www.google.com 3 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google-analytics.com dnslytics.com
www.google-analytics.com
2 p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com
2 ad.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 maps.dnslytics.net dnslytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 dnslytics.com
94 15

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-17 -
2022-07-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://dnslytics.com/ip/183.136.225.56
Frame ID: FD5627780188A3F342C2C9430253FBC1
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/zrt_lookup.html
Frame ID: 0B5CB18EDFFC59EAB2D0BBD95AB90109
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Frame ID: 08564B56CB31A3B637ED35E5917629D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Frame ID: B2DE7B264D6D5CDE27993D497FB19B0E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Frame ID: BCB1679F9BD51094D3EF235C52B72C2D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Frame ID: FA2B4A638F61E416B991C627D1688B69
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&adk=1812271804&adf=3025194257&lmt=1634806825&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825477&bpp=1&bdt=389&idt=240&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280%2C1200x280&nras=1&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=250
Frame ID: DCFD02A1F02C710EE5AFD7B8B34E788A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html
Frame ID: E94A00BEAC9FC8A207669785DEAF6878
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26669653.317699290;dc_pre=CMajqYGS2_MCFSfYEQgddYcBag;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 4242958354AAEBBD162CF199B59CD7D6
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 3BE86F6B3C31A294C637E63ED887B439
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0EF87186436278D9CEC4494F59FFC236
Requests: 2 HTTP requests in this frame

Frame: https://p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 94B5E0B9C84805361AAB63D608D66166
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ECF542419B7D08083F6EC0C61F34D51C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 72E60C14E6AFFBAAD0916795CFC437F7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 25477005D793DBBD777051B9AC482EC7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 380294DB84CC12FCD78F2518FBBEA1EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D02F840357DB596321D5C9F9BE4950C0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CE1A52B4CC0FCE2F22CA2D34E91A721
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

183.136.225.56 - No.288,Fu-chun Road, China

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

16
IPs

1
Countries

1318 kB
Transfer

3195 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26669653.317699290;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26669653.317699290;dc_pre=CMajqYGS2_MCFSfYEQgddYcBag;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 66
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 183.136.225.56
dnslytics.com/ip/ 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a49c7f12c9ea31725b3c9ccec547e4704dc25b8d45bbfa63b447d7f8ba1352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dnslytics.com
:scheme
https
:path
/ip/183.136.225.56
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
DENY
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai0B9DdgME%2F%2BNkouaMIt1G3XXflIStSTjoniDtMOfZvGfsE4YzwE%2FDdC7ZmrqGVeSScAEueMp8a7ekgLzik1LKrZWdT1QHumxKtowqeJLEE7QqsOYWrSiPxhla5jvU9Q"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a194ba03d296598-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dnslyticscom.css
static.dnslytics.com/legacy/css/ 		161 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dnslytics.com/legacy/css/dnslyticscom.css?v=2021071202
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65ca8a0002a25b383616f6a2b966d9df874ff49ebe1559430fc41d09e470e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
700017
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:56:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FLVzZVubnnW978zn%2BevgI3NMDnca47gDQXOuNu8Ox0R%2BHYOFRj8Byxx6Mg%2B1TOAHqkxngqi%2F%2FFbWttSKYrhLx5tcEWBJcdM%2BUnVuXdHw0mczQJdZJbT8akf8Rhpkk83t%2FCArs0suA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a194ba198316598-LHR
flags.min.css
static.dnslytics.com/legacy/images/ccflags/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dnslytics.com/legacy/images/ccflags/flags.min.css?v=20180315
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d66dbdccbd0e585f73ca986e9d116bf2b88ec2c29ef4b92ab27ac6579c5c752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738099
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmCPsToGqJVFHx%2FMhE0Vvk7vyRnzLcTbGS2IqyFYS0ROeAw29hM9jex1UbVtDJaEkQLdDqrktohnwvYdB%2BnSMeVgMs%2BxzPYc5kfEyFBszaibkoi%2FBgp1vOM5TkHZwJ9bBbap396i1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a194ba198306598-LHR
jquery-3.2.1.slim.min.js
static.dnslytics.com/legacy/js/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dnslytics.com/legacy/js/jquery-3.2.1.slim.min.js
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738099
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rrcoNWLChv40iW9bMN1zjok9RjS%2B1VKSaf0DiFjFlO9HwXrYA67Zu3AU5ApHH6%2Fd8BK%2B9Qzj2C6G3xo3eE%2F7RBWSODsA3dXpLO1MzK3YeTpUsHchXl782SbV25EJQpEVN3nVgpkog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a194ba198336598-LHR
dnslyticscom.js
static.dnslytics.com/legacy/js/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dnslytics.com/legacy/js/dnslyticscom.js?v=20180531
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df26b208f8fdfebb6fee8d5e731fd1acff4ccbd316b67ebd373a5269cd5dd3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738099
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyr5IVTY6A0QA7HeJODKGS8zb8rQkYUKYVcwysWlEskxB6n7NGJpUWl6gz97qo6994bDTFt98CXzoo4pn6eNcAQrkPHMtBNlVMb1KJTyLSGvKzvndAhH5KPTa%2Bj7DzhpwZHerEPMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a194ba198356598-LHR
logo.png
static.dnslytics.com/legacy/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dnslytics.com/legacy/images/logo.png?v=20180220
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1470c8774d4bc2b1ffcad0775126bfbe9827a24d2cf9f10bf8424bdec93fc9a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
788315
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3321
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yM8R277DOPWH2aOp4DPazAtPFryxWDx6ouEP79XCvsxxqbaNHMo6oultzM7vSs0ExhTCGjHq22%2Bn%2FXawafsjflfzkE%2B5xa7xTbPKEr8KUNmO20Bv02iPqopNV1%2BWeRpoIfqwF%2BDEqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a194ba209186598-LHR
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
2a67a2260e0fe9663a00cdcc31f2a2a6b25660e88bf414fc190999a9afd31bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51017
x-xss-protection
0
server
cafe
etag
993360651511600439
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 09:00:25 GMT
blank.gif
static.dnslytics.com/legacy/images/ 		46 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dnslytics.com/legacy/images/blank.gif
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e745194ca13a573264733f6bf1f66cdf29d59fd72aee3ac9acf8f3a53fcc9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1737765
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ45cxPVCZlxQlN4OmtUSaoiwfyYCObYMQV97PXk5aZ6ALXhKhqXJFUxZ0gb98G8%2FuORz2sDI5n0RplT1deZa0VkVHuK7vsdRIRi5oxzUeAuNSRf4uA9UTMXL5t7y8Ja2pCD4VrTGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a194ba26cdf3a75-CDG
greenlight.gif
static.dnslytics.com/legacy/images/ 		916 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dnslytics.com/legacy/images/greenlight.gif
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68adf3bf2dac9d3a98a0f5695d86748f98c297954f0009289c123cd8a79447eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1737851
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
916
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUA6u1q54slk3N62ZhPccNRiNYfB%2FW1ooEvBzrb02oES%2B1r1uEOguHpyFPUWZwbNeaxogiH3enZ2bdTCMjFG30eP0FHPlaNwsgtEPNE46CJmCykvwDKL3JryOV9HR4GtXIv0jPyziQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a194ba26ce33a75-CDG
redlight.gif
static.dnslytics.com/legacy/images/ 		989 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dnslytics.com/legacy/images/redlight.gif
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e482b73ef0f24fc23a849d87ddfbd5546824f5d1b742008720de1e3e2ddc02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1737079
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
989
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvLBfibTeBytmnv4NBHhveqDBoR5QHVOAJ2iWveUh0JR1BAhA5j74fEpCD0dfuTZZr%2FJ83eNhftFEjoZCr2fepqAoiFhcpJ8mp52kPUjI0QSELshYYjORngDa61MGrTcUuhgXHPNOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a194ba26ce53a75-CDG
map.png
maps.dnslytics.net/v1/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.dnslytics.net/v1/map.png?width=400&height=350&zoom=8&lat=34.77&lng=113.72
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b028ccd26a6c30b4375ee68c17b40b8893100ab137a0bd257216f5c4eafd478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
186199
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Oct 2021 09:00:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTf1K9T2EVbFCyd%2BUiCY9D095NPPQILAwqmdF%2FOAoXaiUHGUtSo4VmyMfgXUGM319tCSRmd2AbeEXFWwwo%2BqAu1rkIbP4MdDMp46kF%2BZHvLEExQp6nEN%2BxR%2FB6ufwXS%2BRsemTp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a194ba2bbca3b85-CDG
cn.png
maps.dnslytics.net/v1/country/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.dnslytics.net/v1/country/cn.png?width=400&height=350
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad463b29206c7de073f076887967506385bcc04e3d781b78ac9637e757f5f971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8782
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41067
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Oct 2021 06:34:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBgqVbbLJ1mGhAkCziL6IZg%2F7ow3h7bJfpxUMXTsQ2W6Mh6MuHfoca065bT481jemL3LH5La7mJx%2BeF%2Fr2SFrmuNnG6fovUvr2x6AlJMnhoQbITJSqclkXct%2FPoeUbAEOKoAQSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a194ba2bbcb3b85-CDG
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
3559
date
Thu, 21 Oct 2021 08:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Thu, 21 Oct 2021 10:01:06 GMT
flags.png
static.dnslytics.com/legacy/images/ccflags/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dnslytics.com/legacy/images/ccflags/flags.png
Requested by
Host: static.dnslytics.com
URL: https://static.dnslytics.com/legacy/images/ccflags/flags.min.css?v=20180315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8577f10235468472068fc2b89abc4449e01517c346e7a0efc4aa99dd93995569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.dnslytics.com/legacy/images/ccflags/flags.min.css?v=20180315
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1737765
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66187
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Les3uix2qeYKam%2BwLLEm6EjqqO9Vq3RfRyBmj4jRG4uDYyO5TDYdnRRfJ2%2B6YffbqD%2FwDokHZ%2BVUDVuy6lQtyvlgjvL7quOnd1ubOvouglol7TSkyVZk54O3zV4lN%2BhUWOTBLe%2B5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a194ba2ad443a75-CDG
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&aip=1&a=1090234225&t=pageview&_s=1&dl=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&ul=en-us&de=UTF-8&dt=183.136.225.56%20-%20No.288%2CFu-chun%20Road%2C%20China&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=679617807&gjid=1992557885&cid=432675823.1634806825&tid=UA-15589237-1&_gid=1638954121.1634806825&_r=1&_slc=1&z=405664815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dnslytics.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 09:00:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dnslytics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&aip=1&a=1090234225&t=event&_s=2&dl=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&ul=en-us&de=UTF-8&dt=183.136.225.56%20-%20No.288%2CFu-chun%20Road%2C%20China&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ip-address&ea=nosrc&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=432675823.1634806825&tid=UA-15589237-1&_gid=1638954121.1634806825&z=1356417309
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 00:40:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30006
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7a1c7b653713a617643f8a5a149912073073ba77f7d0d8778f8524b17f5596bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99362
x-xss-protection
0
server
cafe
etag
17114109636645632102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 09:00:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/ Frame 0B5C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211019/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 20 Oct 2021 16:42:38 GMT
expires
Wed, 03 Nov 2021 16:42:38 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
58667
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		203 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dnslytics.com&callback=_gfp_s_&client=ca-pub-7232066202917795
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
035f0c748c0aa6d877c8b18037535638d768b4da1afaf331868344cacb5c877c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dnslytics.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dnslytics.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Oct 2021 09:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0856 		109 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
0fb0dadd0f3380f2c1c845be5d4867a7fbce2488a6523db2e43b34db79358c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
13925
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:15:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:26 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B2DE 		95 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e04537c0efbff1d14224745ebad7098b312047d46e7cfa94557fb3b11a0f8cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
29158
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:15:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:26 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BCB1 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e91a8476db5d97e0406b3c9980cc5b831c0bdf2827ae7ffcfc06c643bc16cf29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
26206
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:15:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:26 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame FA2B 		136 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
75ccd57d87772990ad5d5119a2d19b3932b62e73b791f6df70f9919a2cb0d66b
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPTpgoGS2_MCFcqC3godxbsLOw&gqi=KSxxYY7PL4iS3wONwqjQBA&layout=/sadbundle/%24csp%253Der3%24/11041838004244623425/970x250/banner/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPTpgoGS2_MCFcqC3godxbsLOw&gqi=KSxxYY7PL4iS3wONwqjQBA&layout=/sadbundle/%24csp%253Der3%24/11041838004244623425/970x250/banner/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
42962
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:15:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:26 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame DCFD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&adk=1812271804&adf=3025194257&lmt=1634806825&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825477&bpp=1&bdt=389&idt=240&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280%2C1200x280&nras=1&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
1f5435823cc24d994556d8ab7b6120ded3861f2fc5d4727f8a5d853e11706be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&adk=1812271804&adf=3025194257&lmt=1634806825&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825477&bpp=1&bdt=389&idt=240&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280%2C1200x280&nras=1&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
4125
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:15:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:26 GMT
cache-control
private
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame FA2B 		67 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 17:58:30 GMT
x-content-type-options
nosniff
server
cafe
age
54116
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Thu, 21 Oct 2021 17:58:30 GMT
16208292817038427091
tpc.googlesyndication.com/daca_images/simgad/ Frame B2DE 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16208292817038427091
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
d3a800a5d1e00bda3fd6a121555aa9ad026a4aac61ed7f8f91353923f9482821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:30:54 GMT
x-content-type-options
nosniff
age
106172
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67303
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 20:45:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 03:30:54 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame B2DE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:59:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B2DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1uNhKSxxYdf6LsKnx_APx8-SwA2-9_zjZe3QoOHIDr_hHhABIMb49ghgleKQgqAHoAGbiNGfA8gBAqkCVhV9KKqOsz6oAwHIA8kEqgTfAU_Q-TRS5EeIqVRsXZf1tnGZl01sbFd15_c97r01zWYXfeFbAZK39sJcnXG9c186MU6nBdvRNEl28rHEZ6A2XRldHd0ZlNIDqO5CFd-aR6Mx3u2E-hIi15AparLrKBrGUUznOMXwu4V4mEBRbEI7SEWWx6TycmSeaY6AXLGVvGK8hq4Z1Gcc9yNnONvRtKKs92eDI05Ckctmkq8SOiCxcmqQSeLP7gOcClPMIM0EMd3Kh6a9B7drMCWc2sdhlhM7LlpTqCI1ytlB0r-v0sntpkkrHh3prTlHaegye7Y7nMXABJbDwcLgA5IFBAgEGAGSBQQIBRgEoAYCgAfN965gqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBRCYjZ8C0ggJCIDhgHAQARhfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTcyMzIwNjYyMDI5MTc3OTUYAA&sigh=2rg4Vxz04ow&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 09:00:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 21 Oct 2021 09:00:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame B2DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 09:00:05 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B2DE 		67 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 17:58:30 GMT
x-content-type-options
nosniff
server
cafe
age
54116
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Thu, 21 Oct 2021 17:58:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2DE 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Oct 2021 09:00:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame B2DE 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 09:00:03 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame B2DE 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11249
x-xss-protection
0
server
cafe
etag
2407096445939648700
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 16:07:59 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/ Frame E94A 		2 KB
917 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
b21eeac4305e90d5f5714f8999d843e1d99cd320aae03dcfedda5d09f549e7bf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
887
date
Wed, 20 Oct 2021 18:31:48 GMT
expires
Thu, 20 Oct 2022 18:31:48 GMT
last-modified
Wed, 20 Oct 2021 10:52:16 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
52118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
B26669653.317699290;dc_pre=CMajqYGS2_MCFSfYEQgddYcBag;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 4242
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26669653.317699290;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26669653.317699290;dc_pre=CMajqYGS2_MCFSfYEQgddYcBag;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26669653.317699290;dc_pre=CMajqYGS2_MCFSfYEQgddYcBag;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 09:00:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Oct 2021 09:00:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26669653.317699290;dc_pre=CMajqYGS2_MCFSfYEQgddYcBag;dc_trk_aid=510311358;dc_trk_cid=160164138;ord=1361701418;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4242 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYLjWKSxxYbSxMMqF-gbF967YA8_Sp_VljfGMoMcO3dKakvcoEAEgxvj2CGCV4pCCoAegAfS4v8UDyAEJqAMByANIqgTgAU_Qd4Em4Fyg62ds0ixk_YMnj0z96c9BI9bVd3VmucWGXv49EAczcrveHLAxqeSpq1lDZ2DhB4Y5gG8R3N1Jbv2DW9jwJq1M0xDdCiif81XAZs5vUQDDFmUps-JV8iwyK8i0BRq-TFlsyenTRAOCxkMqPU8bBUc-F-bknFFAzDsL8pMPn_KX9bBfaMeHMfYlgC_Thx0KQ03S0PeJXU7A8H8hqR9VV0diaOGatGagtoA5Xj_PSYuieapEBeXbD2YSNwUYUJubl9kSZ4M6ob-lH0P-87qivGwYo_tX4RfW4gBkwASGvaHs7QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHntyhrAGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEO2XGdIICQiA4YBwEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03MjMyMDY2MjAyOTE3Nzk1GAA&sigh=XgqzPAx0j2I&uach_m=[UACH]&template_id=419
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 09:00:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 21 Oct 2021 09:00:26 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame 4242 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:59:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 4242 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 09:00:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4242 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Oct 2021 09:00:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 4242 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 09:00:03 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame 3BE8 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
13405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55667
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 05:17:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 05:17:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3BE8 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4996
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3BE8 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
23849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28494
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 02:22:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 02:22:57 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3BE8 		71 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
16e706e624990591418244745eed2e287beebf41e6173e47c905768752b19135
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16762
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 01:05:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"294e22e1c9709f2d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 01:05:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3BE8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1635
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3BE8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12816
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
truncated
/ Frame 3BE8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e33f2042be5fbd997250684e6dbac0de114cfa668d1e47a4558e7fcf7d3dd35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
tf1.png
tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/ Frame 3BE8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/tf1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
1ad8e918ff383329cde8a617ab9077ac12461316fc98782420ce1914d0dff97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:00:39 GMT
x-content-type-options
nosniff
age
17987
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1665
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 14:27:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 04:00:39 GMT
pulse.png
tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/ Frame 3BE8 		206 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/pulse.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
185d41a2fd0e1cc4fa14bf94503c9074731e19ff7c00a28456d9fb7b253e1b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:45:11 GMT
x-content-type-options
nosniff
age
267315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
206
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 14:27:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Oct 2022 06:45:11 GMT
bg.jpg
tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/ Frame 3BE8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/bg.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
9ebd93d3bab78bd90bd07859b9216e38dd7032fda52bb5b2b74e09255fb80a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:45:11 GMT
x-content-type-options
nosniff
age
267315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17103
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 14:27:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Oct 2022 06:45:11 GMT
tf2.png
tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/ Frame 3BE8 		1014 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/tf2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
336e3cecc62ccfa1443be07dc5d489f1f5838cea401603e4e320010e14a1cd4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:45:11 GMT
x-content-type-options
nosniff
age
267315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1014
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 14:27:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Oct 2022 06:45:11 GMT
icons.png
tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/ Frame 3BE8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/icons.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
30573c5c7dfdb8cf00fce63177cfe54964b74e50e05237ec60ab36874b7291dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:45:11 GMT
x-content-type-options
nosniff
age
267315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2091
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 14:27:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Oct 2022 06:45:11 GMT
cta.png
tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/ Frame 3BE8 		856 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/cta.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
a571f2d9fb542a2beee97670a2f2a5e0bceb045005ad7689106cee5df0b39f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:46:13 GMT
x-content-type-options
nosniff
age
15253
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
856
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 14:27:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 04:46:13 GMT
logo.png
tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/ Frame 3BE8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8750222356137251850/DBFV_MR_HTM_Lockenfrau_300x250_GDN/img/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
01a2c6d450d8a4674d202ad25682829d7a3ba08877dcee7ae5901b96e360beb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:30:17 GMT
x-content-type-options
nosniff
age
19809
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3665
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 14:27:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 03:30:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BE8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
70933
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 21 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BE8 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 20:55:41 GMT
x-content-type-options
nosniff
server
cafe
age
43485
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 21 Oct 2021 20:55:41 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3BE8 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CE_ndKSxxYbTwLtDi-gbd_LvIAYbUrd1lh8OpydYOv-EeEAEgxvj2CGCV4pCCoAfIAQmpAhWV-N30jrM-qAMByAMIqgTUAU_Q4uaJR74lKAHMrUa1nObv-YatLK_iM-hkagWPWZonaWtANHCQHHno3d0QL24jSdvX2Vz7SBBkI8Z3ZPxM5OW3qlCJpVRb_PaOjdx53hCHYTPS4YF9kWygR6wN5QmDdOrsZ9172DIXsySsS3sjWPlL79eqEDjACEdh3CJADyfbefo7tvwrtQt5Q8Kg-mE14lgxO9I4dvBUNrq1-ACf9jd7hDuTh44ofjWN3e_gCouejDYvEco-B6GWFmcmlzRAf5UQLCg5FfuqcY-GXBBWdSyZXugxwAS_kN-H2QOgBi6AB_r6zvECqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCr2CfSCAkIgOGAcBABGF-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNzIzMjA2NjIwMjkxNzc5NRgA&sigh=MqA3PurWFmo&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 09:00:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0EF8 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlBA6CrrUF0CqAXw9z_X3K0N4IAC1WdQxqtVy2p7wh1bZFSXkirp-rLLkDNaSI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 21 Oct 2021 08:36:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 94B5 		247 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
093951bbe46928eb65f0af0b8f24e32fda88da9d7674ed13824b61a664373054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-MoBmTZHxNK4xZO_OL_b3UQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
206
date
Thu, 21 Oct 2021 09:00:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
s
googleads.g.doubleclick.net/pagead/drt/ Frame ECF5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUltbJQ5ExJCymS5PAH0mID-CFYRtkUI-QYECheJiTJKfAaLLhmkXAGRobNBVNM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 21 Oct 2021 08:36:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E94A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 21 Oct 2021 13:46:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E94A 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 21 Oct 2021 13:46:49 GMT
lottie_light.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/ Frame E94A 		143 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/lottie_light.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
52116
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40854
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 10:52:16 GMT
server
sffe
date
Wed, 20 Oct 2021 18:31:50 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 18:31:50 GMT
truncated
/ Frame 4242 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3d0e47e1e5279f7fe1e86bd9453b525f8ad33d24eb68beb3b160342f59ff3c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2DE 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
850b593c6790c6e86a0ac13fc915d659243d30a043e00cb0619c74a3a97f3750

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0EF8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUltbJQ5ExJCymS5PAH0mID-CFYRtkUI-QYECheJiTJKfAaLLhmkXAGRobNBVNM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 10:00:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
970x250.json
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/ Frame E94A 		56 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/970x250.json
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/lottie_light.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
4102c12809df8b44486cf1c42384dcabdaf4daf258730113ac0dfc9cd5f38255
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
52114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9912
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 10:52:16 GMT
server
sffe
date
Wed, 20 Oct 2021 18:31:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 18:31:52 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012110042008000/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
de10bf080c876ecde1166746dfb23b65e9afc5db210cab5c59cc7100e858b968
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7332
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5d5fdbd4c4c0d534"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
iframe.html
p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 94B5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
bcfc9f4aed70744895f704b20b6f0dc9b5dbe22570482fa502ab0cb2223de1ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-bAhzVtOigHK3kPeykESxcQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1863
date
Thu, 21 Oct 2021 09:00:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
si
googleads.g.doubleclick.net/pagead/drt/ Frame ECF5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=241&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3477&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=CTtpXIafNI&p=https%3A//dnslytics.com&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUltbJQ5ExJCymS5PAH0mID-CFYRtkUI-QYECheJiTJKfAaLLhmkXAGRobNBVNM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 10:00:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 09:00:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
img_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/images/ Frame E94A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11041838004244623425/970x250/banner/images/img_0.png
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/183.136.225.56
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
0fee5aa4da9c2cbba60ef7fb0816885cb282ea35d407d51ca3919d6e92d25d96
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
52114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12156
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 10:52:16 GMT
server
sffe
date
Wed, 20 Oct 2021 18:31:52 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 18:31:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BE8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
70933
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 21 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BE8 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 20:55:41 GMT
x-content-type-options
nosniff
server
cafe
age
43485
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 21 Oct 2021 20:55:41 GMT
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame E94A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:04:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
75342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 12:04:44 GMT
7881889435443786513
tpc.googlesyndication.com/simgad/ Frame BCB1 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7881889435443786513?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmohz4PIFcqTJTqtaBhPtF7srPPSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
cc1dbccb01bd9d887a665774309484c8a7b8f8e3764c7601db02518a5061ff7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:34:46 GMT
x-content-type-options
nosniff
age
105940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
54192
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 20:48:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 03:34:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame BCB1 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:59:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame BCB1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 09:00:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BCB1 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Oct 2021 09:00:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame BCB1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 09:00:03 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame BCB1 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
cafe /
Resource Hash
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11249
x-xss-protection
0
server
cafe
etag
2407096445939648700
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 16:07:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BCB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUcT6KSxxYee3L5bogAfLk6SYAr73_ONl1c6g4cgOv-EeEAEgxvj2CGCV4pCCoAegAZuI0Z8DyAECqQJWFX0oqo6zPqgDAcgDyQSqBN4BT9DxOClIyBMf1kH8fXJHOdFPDjLU8cFpK1XfK-BVIobElw-p-OPgzHvDzPiztgKXhRwHW0nFQJ8xVe8YlG4LiN63x3yzGhXTYSjxvzQsEYU3ZFOADib9E8l_0iPzXpnkvbfEnSCCAsm_xk4i7nDiCv8_tmRYEdV_MiUccgxUCMl67Px5mOgiamfqAMy_Om6NJoxnzf21bbzVXjA9M26LgBm_I9C78b-78K6otqXCOwg7P95C6wB0OO_Ct09i44iN8efZKFIc915LlCrKBUHJk-ZqEq-CaB7nxQB7U6dpwASWw8HC4AOSBQQIBBgBkgUECAUYBKAGAoAHzfeuYKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQu5w30ggJCIDhgHAQARhfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTcyMzIwNjYyMDI5MTc3OTUYAA&sigh=mburldI9EdA&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 09:00:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 72E6 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUltbJQ5ExJCymS5PAH0mID-CFYRtkUI-QYECheJiTJKfAaLLhmkXAGRobNBVNM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 21 Oct 2021 08:36:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BCB1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96cc5d9ad5fe6ba18b6365602899d9fecb84953366374be4be7361686843f48d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 2547 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825463&bpp=2&bdt=375&idt=217&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ndZJIlFjwV&p=https%3A//dnslytics.com&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:04:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
75342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 12:04:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4ad0866548136eb8036613009139ef830b48feb7ac500554a6d684f5be38d03f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Oct 2021 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8518
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 72E6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUltbJQ5ExJCymS5PAH0mID-CFYRtkUI-QYECheJiTJKfAaLLhmkXAGRobNBVNM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 09:00:27 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 10:00:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 09:00:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 09:00:27 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 3802 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806825&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825465&bpp=1&bdt=377&idt=227&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=4544306764759&frm=20&pv=1&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tpri3hhneC&p=https%3A//dnslytics.com&dtd=235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:04:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
75343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 12:04:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 21 Oct 2021 09:00:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D02F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 21 Oct 2021 07:47:05 GMT
expires
Fri, 21 Oct 2022 07:47:05 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 8CE1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
e71c45640095418662cee10cc4bafa76233a5281710516f24fbfebb0a8a606ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z9IFV6NR3foqgfLW4pMUFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 21 Oct 2021 09:00:27 GMT
date
Thu, 21 Oct 2021 09:00:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Z9IFV6NR3foqgfLW4pMUFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame D02F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:04:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
75343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 12:04:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8CE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211019&jk=3747551427749624&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211019&jk=3747551427749624&bg=!JiWlJWHNAAao6lBpqOo7ACkAdvg8Wv1sgaUF8N5jZ641fQgrge7QaJVJ004osOA3YGzQqB9nyu2nGgIAAAD6UgAAABJoAQeZAsMJEgL-lP8_D02Xdn3RE4MukOsmFoj54tCMBUXeq9iD1BOa4zhjJBD-jdLXdYNJnxW1yxVXsMjlaLdv_JZ0vnDCJWDKqMi9sGeFH34Wt9zNW68CpDAQCPXbqMreMNzNUxuaB068PjBSf3bCx0lTaa99jCcNkTEQBbIQgkVwZ9xUSwBijzQt-u6TWrvTOZV9ikoyOlWLitHWdVz3Oak4yz5mopydchg5MVTlZ_bGPE2QWY3BvwG3M6rOhXWtR7luy0zx6g-XjtxHq5RYRlsEiIak_mt-JzB6OSaqEbnNEIaLpNalcl1e1MiLzN6k7sCbiOHmiA3U2WzHF0lt0S5P5flAcrRILs-tz1Nt7AJHircOjDoryXOmjmc27bgMb3EbC7-3-fImn7H_6t7Fzb32eI6bHivzMIYrkpy645SIWmvHBxa2PDU3fZUvUIJ_XsHgrl2VHazeNIE7z08pKdE60EleXHGkQqDkPD0ebC2kFcbe4ndHkUfU1w87vIWYilNi4l0UfgoWCaj0pSPksQ4ciIKO9ZIqj-gBlLg3zHxmNrauiU6EBc3xb5qgLaRvR2Hh12jqPkTiqUdsHh-PA6GWbhvltA3Zd59XT9b0tzr-0bKt91d3AJQj-l8H68jyR4O2iMSMG5yaFUWlRK3die65yqJpG_1xMy86xhzbVgibPVnhub3TsiwXhIdO3rXyUzmq-WBiOyF0-8PMfZjZ4u1VFxwhGrl7grDdKwNnmILcPJqv5_OjYueZ4r_TxjSWMt2xuAmjHF2tMV31Gf7ssswp6khAYgxGm8bacyOEfCtN76TlI8NZAJ92onJd3g3M_i1pVjoOlwk_wzLDpaQjHg4cLp_3eLh9u67oiMPftx81xR2TNKK3gP62oh0ktzzEg_JNOo8p-MsXrDxnENU1xFiZVaTsO_CcYi-r7mivajZpA-wh_8iquQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 09:00:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3BE8 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cgk0kKSxxYbTwLtDi-gbd_LvIAYbUrd1lh8OpydYOv-EeEAEgxvj2CGCV4pCCoAfIAQmpAhWV-N30jrM-qAMBqgTUAU_Q4uaJR74lKAHMrUa1nObv-YatLK_iM-hkagWPWZonaWtANHCQHHno3d0QL24jSdvX2Vz7SBBkI8Z3ZPxM5OW3qlCJpVRb_PaOjdx53hCHYTPS4YF9kWygR6wN5QmDdOrsZ9172DIXsySsS3sjWPlL79eqEDjACEdh3CJADyfbefo7tvwrtQt5Q8Kg-mE14lgxO9I4dvBUNrq1-ACf9jd7hDuTh44ofjWN3e_gCouejDYvEco-B6GWFmcmlzRAf5UQLCg5FfuqcY-GXBBWdSyZXugxwAS_kN-H2QOgBi6AB_r6zvECqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCr2CfSCAkIgOGAcBABGF-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNzIzMjA2NjIwMjkxNzc5NRgA&sigh=BvCuoqO18TE&vt=1&template_id=419&uach_m=[]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806825&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F183.136.225.56&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806825459&bpp=4&bdt=371&idt=175&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=4544306764759&frm=20&pv=2&ga_vid=432675823.1634806825&ga_sid=1634806826&ga_hid=1090234225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3747551427749624&pem=528&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YIGa6cBQ2I&p=https%3A//dnslytics.com&dtd=210
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 09:00:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BE8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXmkAaArzVKmTpXGShFeDvrvvWclpkDmUwfDu1swbywEJIGFBZTHItoQwU7H6V77aZC9AQnwzsukrrKpVaje92cIBIZErt3DECW83n&sai=AMfl-YTdWfpH5FeMbQ4XG13u0IaEn0kP7iP-61LftnGQLwm0Vt25vuTiFS22wS8DX-5Et7XF9mAnDr9UFF79&sig=Cg0ArKJSzNI1M80rpMrcEAE&id=ampim&o=109,230&d=350,292&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=132&tls=1132&g=100&h=100&tt=1132&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3736557478
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 09:00:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BCB1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvYBbloU-odZ5LRP7kqx-XXVHeZ3RPJJPEArZTIfD2R5gWyAcq-_MonEaX0at1GJvcIgijIY4eaPZjFV7Hmx1gKfpUpJfCQU1IWZ_9oXSAgSCUGbLUFA&sai=AMfl-YT90heBCJLmij4vbspsdblZ5nyEItyCiOC_r5y4yfMY5yYg44aVWRuKWYmDwiCUmEW4Y3boH7S3hQnD&sig=Cg0ArKJSzBq-whOZNzi6EAE&id=lidar2&mcvt=1000&p=0,5,280,341&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1671836299&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634806825701&rpt=1192&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 09:00:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| LazyLoadStore function| init function| toolbtn_click function| scrollevent function| ScrolledIntoView function| ToggleMoreOptions function| DisplayDefaultHide function| SelectAll function| getHostname function| AjaxCall function| GetWhois function| setCookie function| ontouchmove object| bootstrap string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.dnslytics.com/ Name: _ga
Value: GA1.2.432675823.1634806825
.dnslytics.com/ Name: _gid
Value: GA1.2.1638954121.1634806825
.dnslytics.com/ Name: _gat
Value: 1
.dnslytics.com/ Name: __gads
Value: ID=c01ca197f293b19e-2202d89cf9ca0018:T=1634806825:RT=1634806825:S=ALNI_MZ0pnLUuafmNThSiGWCK3Vqm5LuHQ
.doubleclick.net/ Name: IDE
Value: AHWqTUltbJQ5ExJCymS5PAH0mID-CFYRtkUI-QYECheJiTJKfAaLLhmkXAGRobNBVNM
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
cdn.ampproject.org
dnslytics.com
googleads.g.doubleclick.net
maps.dnslytics.net
p4-gbzms6v6jdryy-riyvuv6zfkoj3v4t-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.dnslytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.21.19.159
104.21.60.223
142.250.184.194
142.250.185.130
142.250.185.132
142.250.185.97
142.250.186.110
142.250.186.130
142.250.186.166
142.250.186.34
142.250.186.66
142.250.186.67
172.217.18.98
172.217.23.97
172.67.186.243
01a2c6d450d8a4674d202ad25682829d7a3ba08877dcee7ae5901b96e360beb0
035f0c748c0aa6d877c8b18037535638d768b4da1afaf331868344cacb5c877c
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
093951bbe46928eb65f0af0b8f24e32fda88da9d7674ed13824b61a664373054
09e745194ca13a573264733f6bf1f66cdf29d59fd72aee3ac9acf8f3a53fcc9e
0b028ccd26a6c30b4375ee68c17b40b8893100ab137a0bd257216f5c4eafd478
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0fb0dadd0f3380f2c1c845be5d4867a7fbce2488a6523db2e43b34db79358c9a
0fee5aa4da9c2cbba60ef7fb0816885cb282ea35d407d51ca3919d6e92d25d96
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1470c8774d4bc2b1ffcad0775126bfbe9827a24d2cf9f10bf8424bdec93fc9a2
16e706e624990591418244745eed2e287beebf41e6173e47c905768752b19135
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185d41a2fd0e1cc4fa14bf94503c9074731e19ff7c00a28456d9fb7b253e1b28
1ad8e918ff383329cde8a617ab9077ac12461316fc98782420ce1914d0dff97e
1f5435823cc24d994556d8ab7b6120ded3861f2fc5d4727f8a5d853e11706be5
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2a67a2260e0fe9663a00cdcc31f2a2a6b25660e88bf414fc190999a9afd31bd9
30573c5c7dfdb8cf00fce63177cfe54964b74e50e05237ec60ab36874b7291dc
336e3cecc62ccfa1443be07dc5d489f1f5838cea401603e4e320010e14a1cd4a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39a49c7f12c9ea31725b3c9ccec547e4704dc25b8d45bbfa63b447d7f8ba1352
3d66dbdccbd0e585f73ca986e9d116bf2b88ec2c29ef4b92ab27ac6579c5c752
4102c12809df8b44486cf1c42384dcabdaf4daf258730113ac0dfc9cd5f38255
4ad0866548136eb8036613009139ef830b48feb7ac500554a6d684f5be38d03f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5e33f2042be5fbd997250684e6dbac0de114cfa668d1e47a4558e7fcf7d3dd35
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
68adf3bf2dac9d3a98a0f5695d86748f98c297954f0009289c123cd8a79447eb
75ccd57d87772990ad5d5119a2d19b3932b62e73b791f6df70f9919a2cb0d66b
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7a1c7b653713a617643f8a5a149912073073ba77f7d0d8778f8524b17f5596bf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850b593c6790c6e86a0ac13fc915d659243d30a043e00cb0619c74a3a97f3750
8577f10235468472068fc2b89abc4449e01517c346e7a0efc4aa99dd93995569
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
96cc5d9ad5fe6ba18b6365602899d9fecb84953366374be4be7361686843f48d
9ebd93d3bab78bd90bd07859b9216e38dd7032fda52bb5b2b74e09255fb80a9b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a571f2d9fb542a2beee97670a2f2a5e0bceb045005ad7689106cee5df0b39f99
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65ca8a0002a25b383616f6a2b966d9df874ff49ebe1559430fc41d09e470e4b
ad463b29206c7de073f076887967506385bcc04e3d781b78ac9637e757f5f971
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b21eeac4305e90d5f5714f8999d843e1d99cd320aae03dcfedda5d09f549e7bf
b4e482b73ef0f24fc23a849d87ddfbd5546824f5d1b742008720de1e3e2ddc02
bcfc9f4aed70744895f704b20b6f0dc9b5dbe22570482fa502ab0cb2223de1ac
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
cc1dbccb01bd9d887a665774309484c8a7b8f8e3764c7601db02518a5061ff7e
cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7
d3a800a5d1e00bda3fd6a121555aa9ad026a4aac61ed7f8f91353923f9482821
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de10bf080c876ecde1166746dfb23b65e9afc5db210cab5c59cc7100e858b968
df26b208f8fdfebb6fee8d5e731fd1acff4ccbd316b67ebd373a5269cd5dd3f3
e04537c0efbff1d14224745ebad7098b312047d46e7cfa94557fb3b11a0f8cba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71c45640095418662cee10cc4bafa76233a5281710516f24fbfebb0a8a606ab
e91a8476db5d97e0406b3c9980cc5b831c0bdf2827ae7ffcfc06c643bc16cf29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d0e47e1e5279f7fe1e86bd9453b525f8ad33d24eb68beb3b160342f59ff3c1
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3