www.calculator.net Open in urlscan Pro
69.10.42.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.calculator.net/ip-subnet-calculator.html
Submission Tags: falconsandbox
Submission: On July 14 via api (July 14th 2022, 6:51:05 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 12 domains to perform 55 HTTP transactions. The main IP is 69.10.42.201, located in Allentown, United States and belongs to IS-AS-1, US. The main domain is www.calculator.net. The Cisco Umbrella rank of the primary domain is 48976.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 10th 2021. Valid for: a year.

This is the only time www.calculator.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	69.10.42.201 69.10.42.201	19318 (IS-AS-1) (IS-AS-1)
4	2600:9000:206... 2600:9000:206f:b400:b:6141:e700:21	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.246.186.77 54.246.186.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:6a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	54.187.118.164 54.187.118.164	16509 (AMAZON-02) (AMAZON-02)
55	20

2 69.10.42.201 (Allentown, United States)

ASN19318 (IS-AS-1, US)

www.calculator.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:b400:b:6141:e700:21 (United States)

ASN16509 (AMAZON-02, US)

d26tpo4cm8sb6k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.186.77 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-186-77.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:6a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.187.118.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-118-164.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	102 KB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 223 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	199 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 899 static.adsafeprotected.com — Cisco Umbrella Rank: 611 dt.adsafeprotected.com — Cisco Umbrella Rank: 550	94 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597	4 KB
4	cloudfront.net d26tpo4cm8sb6k.cloudfront.net	9 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	2 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 411	17 KB
2	calculator.net www.calculator.net — Cisco Umbrella Rank: 48976	9 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 282	48 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	43 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 6937	792 B
55	12

	Domain	Requested by
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	dt.adsafeprotected.com	f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.calculator.net securepubads.g.doubleclick.net
4	d26tpo4cm8sb6k.cloudfront.net	www.calculator.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	static.adsafeprotected.com	f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com www.calculator.net
2	www.google.com	tpc.googlesyndication.com f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
2	f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ssl.google-analytics.com	www.calculator.net
2	www.calculator.net	www.calculator.net
1	s0.2mdn.net	f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
1	www.googletagservices.com	f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
55	20

This site contains no links.

Subject Issuer	Validity	Valid
*.calculator.net Go Daddy Secure Certificate Authority - G2	`2021-09-10` - `2022-09-08`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.calculator.net/ip-subnet-calculator.html
Frame ID: 9BFE1D96394454F283AF90F6E0871F57
Requests: 17 HTTP requests in this frame

Frame: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA190DF9849C894F188131A2A2FE54CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B19979E90796F3B24EA18960AF9D6FE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F6B6450B3D19C5693FFE8B78F73E29C6
Requests: 2 HTTP requests in this frame

Frame: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3DF601E8A5E985882B4A360086C85E6A
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNuP184BMAE&v=APEucNVUsQg262OyCUCMEaQatUUOoFEhSXSEr08F4BjYFh2_eGv522Nr_ONCuGYeLamx2PijgRLAkXEoEafjKazey_jGzbzaLF8smxaqWmHOlHZEqvXFUd05CYZDLwKQuyNABzpxjKvKxSZxXn9cpKr1eAmnnkdHllNdHYc4Scy9TpecaTFThA8
Frame ID: E8820BED15333AD1EA369317499BD6D8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 06D51DFC1B5042747E2C6A181709B61D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 3B981F8A195BE7DE816CC89D184C02B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IP Subnet Calculator

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

55
Requests

91 %
HTTPS

63 %
IPv6

12
Domains

20
Subdomains

20
IPs

4
Countries

525 kB
Transfer

1378 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOLlEaaqXFhL2Lgro-X2GG4&google_cver=1

Request Chain 30

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtBllaofEJFh4nOJnMHPkAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkIKLvtvKGBk01C2mIoGOk&google_cver=1

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENTp3npwdJffs1KzhB4olBA&google_cver=1

Request Chain 32

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDc0OTEwMzkyNDUwMTUzNA%3D%3D

Request Chain 44

https://fw.adsafeprotected.com/rfw/st/1095913/64297468/4.js?adContainerId=gcc_lWXQYsnSFZiigQejhK6QDQ&cbFunctionName=goog_wrapCb_lWXQYsnSFZiigQejhK6QDQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.calculator.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8f7e647d-ad30-b983-c32b-f45df732b373,c:imWHMW,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-77464584f9-l45xz,rg:ie,pt:1-5-15,mu:10000,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,mot:0,app:0,maw:0,fm:tbAzkyO+11%7C12%7C13%7C14*.1095913-64297468%7C141%7C142,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:16,oid:e807b660-03a5-11ed-9d1a-0eac6e6230fc,v:19.8.324,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=gcc_lWXQYsnSFZiigQejhK6QDQ&cbFunctionName=goog_wrapCb_lWXQYsnSFZiigQejhK6QDQ&true_pb=

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ip-subnet-calculator.html Show response
www.calculator.net/ 18 KB
5 KB 320ms
105ms Document
text/html 69.10.42.201
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.calculator.net/ip-subnet-calculator.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.42.201 Allentown, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips / PHP/7.0.10
Resource Hash: a95c43b32e567f1bdea42db0efd0b77c5cb76948719af9d29afe5efdce7d9b02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 5175
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 18:51:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
vary: User-Agent,Accept,Accept-Encoding
x-powered-by: PHP/7.0.10

GET
H2 200 style.css
www.calculator.net/ 12 KB
3 KB 103ms
102ms Stylesheet
text/css 69.10.42.201
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.calculator.net/style.css
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.42.201 Allentown, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: d9e4810d5a5aee260150599167a8bdeda830762e9ed61def6a69c344b86a8dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/ip-subnet-calculator.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:51:00 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 04:56:37 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=172800
accept-ranges: bytes
content-length: 3166
expires: Sat, 16 Jul 2022 18:51:00 GMT

GET
H2 200 common.js Show response
d26tpo4cm8sb6k.cloudfront.net/js/ 15 KB
5 KB 119ms
21ms Script
application/javascript 2600:9000:206f:b400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/js/common.js
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: 1ea13c0a1eda56b6872e008ea2081ef351b128c936ea1b43d261b6f6c17742be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 04:48:12 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 04:54:40 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 50568
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4642
x-amz-cf-id: Y01bUM1Wob3TN8QpyS-P8iMuWx2ZGmL8hhV_kfxRcMfTSgWWCfLWeg==
expires: Sat, 16 Jul 2022 04:48:12 GMT

GET
H2 200 calculator-white.svg
d26tpo4cm8sb6k.cloudfront.net/img/svg/ 4 KB
2 KB 105ms
21ms Image
image/svg+xml 2600:9000:206f:b400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/img/svg/calculator-white.svg
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: 7e115279cd60609a24219e5e27010386eff6aa445ce6a73a19d256aefd6daa89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 02:52:51 GMT
content-encoding: gzip
last-modified: Thu, 15 Mar 2018 19:09:06 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 85207
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1759
x-amz-cf-id: oZmOPq0sePHnnpajZmCnkMq5lSTxwNrFURVEjBFwgnA_XRtGHPPZGA==
expires: Fri, 15 Jul 2022 19:10:52 GMT

GET
H2 200 calculate.svg
d26tpo4cm8sb6k.cloudfront.net/img/svg/ 2 KB
1 KB 105ms
22ms Image
image/svg+xml 2600:9000:206f:b400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/img/svg/calculate.svg
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: d1f69317185bc5ce55a63bc5426fa21feca03f460854624c04589b690832b8d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 22:11:34 GMT
content-encoding: gzip
last-modified: Thu, 15 Mar 2018 19:09:05 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 74366
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 863
x-amz-cf-id: OC6-edfp1t2TAGmMX2aOABENaZc6EMpYDDuyDzsau7mCkZI8k33Urg==
expires: Fri, 15 Jul 2022 22:11:34 GMT

GET
H2 200 clear.svg
d26tpo4cm8sb6k.cloudfront.net/img/svg/ 892 B
927 B 105ms
22ms Image
image/svg+xml 2600:9000:206f:b400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/img/svg/clear.svg
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: 27f668e3594f380f3428f8d72bfb46c7876ff7f9858674432fa160379871a8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 06:57:37 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 19:23:27 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 138028
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 523
x-amz-cf-id: uwVAeGgl9ij-fyjOYHUmfigIhEXsB4V8UkSQRsIvhG66vJEoLorB0g==
expires: Fri, 15 Jul 2022 04:30:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 99ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

89e2327f4eab7751d6d4d5cee0343f80d1f3dea3fd5e76001533c393f0bba7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28321
x-xss-protection: 0
server: sffe
etag: "1274 / 436 of 1000 / last-modified: 1657796850"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Jul 2022 18:51:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 82ms
22ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6
date: Thu, 14 Jul 2022 18:50:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 14 Jul 2022 20:50:54 GMT

GET
H2 200 pubads_impl_2022071101.js Show response
securepubads.g.doubleclick.net/gpt/ 375 KB
128 KB 22ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

31031d8e89cb1b7397456fc89cd2b0e0890205aa3adb579aa6eb9102de92de91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 13:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131021
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 08:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jul 2023 13:49:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 97 B
115 B 75ms
30ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.calculator.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7bb109f75733d72ba516ea8e3b8695cbbeeaee461399262953b7766f2e0e6b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 18:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Thu, 14 Jul 2022 18:51:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 70ms
28ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=447825632&utmhn=www.calculator.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=IP%20Subnet%20Calculator&utmhid=400726669&utmr=-&utmp=%2Fip-subnet-calculator.html_____Section_4_DE__do&utmht=1657824660575&utmac=UA-3068863-11&utmcc=__utma%3D9212199.1817112893.1657824661.1657824661.1657824661.1%3B%2B__utmz%3D9212199.1657824661.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2105172510&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 108ms
32ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.calculator.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 18:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 79ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.calculator.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 18:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 577ms
577ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3143573044116104&correlator=4211194467066237&eid=31068222%2C31068414%2C31068428%2C31061165%2C42531607%2C44764001%2C31067825&output=ldjh&gdfp_req=1&vrg=2022071101&ptt=17&impl=fifs&iu_parts=1057446%2CCalculator-Top-Right-Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=1&adks=3640173279&sfv=1-0-38&ecs=20220714&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1657824660609&lmt=1657824660&dlt=1657824660348&idt=233&adxs=1014&adys=76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.calculator.net%2Fip-subnet-calculator.html&frm=20&vis=1&psz=336x290&msz=336x0&fws=4&ohw=1100&ga_vid=1817112893.1657824661&ga_sid=1657824661&ga_hid=400726669&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eecfea39b5477721fd37b58cc869d704713efe1b2986ff963f2c1fe829a70f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:51:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7951
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.calculator.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA19 6 KB
4 KB 108ms
29ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 18:51:00 GMT
expires: Fri, 14 Jul 2023 18:51:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 161ms
36ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c7f3a2fe35867a31c8891e8e8e168fe8cb9a4b7c536ec8e9c5710f12b6e621b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 18:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10864
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 88ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 18:51:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B19 13 KB
5 KB 66ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 18:13:47 GMT
expires: Fri, 14 Jul 2023 18:13:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F6B6 783 B
1 KB 80ms
30ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a64c912009ef5fc4b72228760c9bcfc4035d77fcdc13d7828c3e54461683575

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IXtapHdP7cixYJ-sk6BcvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.calculator.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-IXtapHdP7cixYJ-sk6BcvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 18:51:01 GMT
expires: Thu, 14 Jul 2022 18:51:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B19 36 KB
14 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 20:45:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F6B6 0
0 99ms
65ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071101&jk=3143573044116104&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 container.html Show response
f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3DF6 6 KB
3 KB 64ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js?cb=31068428

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 18:51:00 GMT
expires: Fri, 14 Jul 2023 18:51:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3B19 0
9 B 20ms
20ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FwveyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:51:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E882 624 B
975 B 84ms
33ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNuP184BMAE&v=APEucNVUsQg262OyCUCMEaQatUUOoFEhSXSEr08F4BjYFh2_eGv522Nr_ONCuGYeLamx2PijgRLAkXEoEafjKazey_jGzbzaLF8smxaqWmHOlHZEqvXFUd05CYZDLwKQuyNABzpxjKvKxSZxXn9cpKr1eAmnnkdHllNdHYc4Scy9TpecaTFThA8

Requested by

Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 18:51:01 GMT
expires: Thu, 14 Jul 2022 18:51:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3DF6 70 KB
33 KB 122ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN7nmIg6mc0R0zLC41QIrMXme9g60A0XHGjIBDih61q4pD7Q8vEpcUygcbalD8dCtUvRei2Qay1XFsM8jVHvaxW5DjKnpsQuRN-Cz9Zw4BQ-zuGGEpW-8l2H758GSeSmOeMVlo2zP9uOAiWh8rammHLZcevw&dbm_d=AKAmf-CDWAV2q_heNbcT10bXhK2Y37eBEjzCV5ZtQRvMDSuyksT08gzqAdRVpAFdX331w-uGESvxTkfvr1a8P1ipm76n4mWTMQgISNIMkBFd6I5wvEqHsJvcUp-U7AVaMsMiTizJ_l8KTRQtGJElSpPTlshjLz9pbJDqdGKedoDyszR8p319GsLRk03Y0OxcRYLAKXyNWtl2bqncJ6XJTjn5dHTZcdG-ekSlDr6oNolDEdHF9ER5_adZz3u0l0AtyGBQlNWMErmNl4O94Yk9B_e72F3fKR1M8cvOAhSAKtH4WaCpwhB58nRVpo4PXe9ep8ho0NbaZ0oEEBk0ukcbYp-dmFpCLt6mVI6jqfTmIJIy7Rdaf1McQFgjJU64Kj5PtN0pW5fekIFxmGSLHsh00wYfZRshtUGMAFF_p58UbH1Nz2AzZvcuzRyunnH366pjOSnIPk3sHk9UcSGZ-3x68VxyCD3m0mSn13JTgArMo5odtTdI1q1m6Bm0N5koUcV7oD3LlLwHj8qinAJFVbliqLa36PjDVdoZl0j9eHK_jwKGCv7m7okVxwcOycFKp7NNlr_cpKMRx_qrSTjjuhh-DOgSxloKwtCzzPa72GL76BGY6HrXwip2hmMHIIoe6XZD6PvKhCGBLTGk3KqHQJPnZHi2ilZgvmoD4bIzO8XIFAbAa43hk9PBBvVUHLFh1gM4b48lHPOD3SZVg6ElTOfJB1zWlPOZBoh-dIrk8aX5dul82zI67ZmkuAfgM-ucAcxbMiLUeGCw2yXqOY4kTSlHCIawULWhLOjn5HUZCdX4lrdgDEP_QPmS5SCvrquoA__ZbxN6EAq4YDFVfW1kzGfbDUdUk5RcmohDpAfFcgu1Fpqmnz5IDRVsyNid39UO-qmtjFZy_Yt7gXA4dj9s5YE1yPQRzOJDl8vx6z9mgj8PKJGXCqZ02Gffk_JaL-RuNC97zmBnKB-WR0KNd9ywux8OYGi-g8NZkgqYIlEWOzVp_fahHILjeJZQj4gZDfGmD4c2UuTf1I71Aexs7jLfiecB6s_6dUbUggP0ABnQJEjqI6sguTegkvJFtXLosS-M9O6EBniTIweYInyvSHfnyb2k93XMXbVTbn7nlw9k8z2Bfk9njQ4hn5Rm6sVIKYOEyWfSJ61kMEyDm0WgRmsDucmGLbRKTCBQ_-WFo1tAbPqcSa0RXyhb2pGdNJ_OVD3tt_mzHs2jDpXrYevZfO353VfGWHgW5-elOP0gmOHHpJm3m-yCocIU_91jqRxBidXCnvl_ChVZ5XpbtDqcpAvlPYA2VYLqnCWlg8u6Lg_3SHEzDrAFoON2Yb7Ieq_eHG3yrOv6sETjj0FknGNeqKSzxQBytBYOa9g9SaBF2wtnPnxooGHhz1KelZfYTj1GJLi5M6yVKSyHX4Kbwjo55WYMctaOspRBFQyTT1MK9fHIy19KG5O6UuuUY-yWXZ6nAO7dGu_cb9vvB73Lm5lqMG4_BaIOyoRS4u3Oui9DzwKRwcKnoMnN9ltvQB0oLB3Qv77ArjB9-NjIE0Xji4oRY45l5wpQpNE6JQkQ7Kt_hYtAVeQ-Q4RVVEzVRLldnXITPuOAu_JMVRxG9dUzhG4ww66CMBVSZGHRIyATF8eH2qdFXTTsEw4f0HnzvQ1z33CJ8wAk2tBASVW4zWSImqsaYrKXwMGohwj6ubSPgIu29d54-q8L03lGywJ4gujGhUBf9fUpQfUGXl9jOZwuoVPUCq_wMCexFhvxEzFGv9WWow5BNd4-WWr9D3UroFZYmG6w03SvCY8SyznE_f0FEtjMPU98_iY8hHN7FPbrZjkx_J3fQrE7JE_P5GeS8g3IbYxCuMmnrA3TILn9JPps3MFp9YhRzKkK6mT_RW3_Fi4ivomuSRiXz-fFlBYyVq9yZ74AyaSCXWsvyCOAjYLrK6LT4iBPMsNpouNCZ7obRgxx1VFVWtrooxCBaaHKSh6ylwCl8UUwz7HD4kY4-KFCcSH3qBMEv6ZajJ4OTjx229LYnmPFTUQHeGr9bKzxt4Hf1VHYAdk9qkbYXMimW31oiTC0ds2Dy-Ars4RBQppIq1H6A9XohSgupmDFj2_6odbmdXg9z0PsruMg1cp_artUDErsZ2Sl3ll6PC_zZcvS5vFJzbrZkpasZagCHxmKudZnHgXLGswNvl50JFhS1fYfG5PK8EiNQOy89bRGtbYSwxiqnj5f4uGJ_9iIpF2lcEQ316mvCww9IZhNcCst1aOdZLjjdu4WESHj71lYt4Dbqf3o1_eYb058nQg7BXyRgRLUEY7wzvkCGg5V7eDWbL1NQ_QYzuo4F6zCNaZ_k48erIt27r-NnafphZneSLj6gEwYVKtSMsqdCg83FHd0eMs-7IkjMRc-REdFVNR974nePxIN-mAd_6trRsa04j1PeYPuinqbwhwQ8U8Rho5dgITyOMIniRIniHUkekgSGzWPdoGlPLqVM8vwQLEiKGEOM0jD2fVrPZ63Ci-CB0ITPW8JbW7SVovSOommMpStkpgiYtXLTDm_Ptw8e5Fd7PNgZF33X9cr51G9LFsrs24ZmizMUFPP8MQWmc0_17AObegrTB3loMDx6Z5LXtd6dq2leIyxTKktzBABo06Pp7__rVDRNSaM5YwKaknoGck8P5W7t_UUTbkaz09q95SJhDNBEK69VkOo0xDPgd12GR2Snx_20on5VUIvlfiqYQWdO2BplRhubpYyYYogio02bST_ZdyS_nUAIfK9-tZfZnt0yNBv83Yy4W7XPniqSj3CuvS9rIgPBmAsIaNnkxzQaxLuhSp5udT4GW456pIph8q99sOKzn9X8T9RgesAh0wLNz4Geyw7zxSRWK3TQouBLy1RvUHmzb-aCd3P4FcHvwgiArHBce8qCRtBg3Dh04GCX1FyaBqt0LiZybcYvLejJ70a4hlEteZVf1ojG7AbksX8TfPToXjRDbzkTvBFmzL4a3CLwbF_24mXghy4Zxg11cpbp5tKpj31HC3tZY-5H850rBtUJAq6I2Mi3JGbKvn4YP_mzlSvj09AvCWt6Z6Kp5gfufPgomcQCibUOG8uZNNKev7Grd3gtRttD05e3BgmXW6GhNkHb6G75f-6F5c5f95C0SLknUhT3ExYvEHudUXhVViRLdq-MknuKV1F06kiCH-uqujTDg&cid=CAASJ-RoCz7-HMH6OpCSHN9xBGYoB7IznW-7ofNNahjjh2Jke_50RSffhg&rfl=1%2Chttps%253A%252F%252Fwww.calculator.net%252F%240

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/ip-subnet-calculator.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74a8e79e35e0d1a807ae5a02360e3b98b77c19dc021c4eb396ac79fd95c83c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF6 42 B
63 B 57ms
57ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANwcXui4mxljPBn4WENMmqvkoWsOQ2gKbGScsHHsqRe543VsVHilzH2tQpf8MrIML6uYpXI4gtCh0FxZV-2eaXYemw0yt0sLdeZZMpCQ1TUflD10s

Requested by

Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3DF6 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 18:36:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DF6 138 KB
43 KB 358ms
292ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 18:51:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3DF6 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 18:44:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3DF6 0
0 73ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuAEz_ZNY86Xu-QzeuokgFrEBPNF3O9VhpIJ0FmrdhWgttU5MaJFdT0VIbXvMhXJPYtGs9_QJB0rRdQHKhazR1vDJeKw
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E882
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOLlEaaqXFhL2Lgro-X2GG4&google_cver=1

43 B
908 B

124ms
106ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOLlEaaqXFhL2Lgro-X2GG4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNuP184BMAE&v=APEucNVUsQg262OyCUCMEaQatUUOoFEhSXSEr08F4BjYFh2_eGv522Nr_ONCuGYeLamx2PijgRLAkXEoEafjKazey_jGzbzaLF8smxaqWmHOlHZEqvXFUd05CYZDLwKQuyNABzpxjKvKxSZxXn9cpKr1eAmnnkdHllNdHYc4Scy9TpecaTFThA8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72ac72867dbf6987-FRA
pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqvEvxdGhey6uVxKI5LINNHH9ii2LDOrYVkOZ5K0OuLiKDXqUTHj4eTHbCV%2FQqS%2FecPOijJRh6lgrQNI0ZE95MEDisFLJPkLo1wI9oGady7wMKoLRaD7EbzaV3jO1jF0jZqBSjjmdUpoBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOLlEaaqXFhL2Lgro-X2GG4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E882
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtBllaofEJFh4nOJnMHPkAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkIKLvtvKGBk01C2mIoGOk&google_cver=1

43 B
914 B

51ms
51ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkIKLvtvKGBk01C2mIoGOk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNuP184BMAE&v=APEucNVUsQg262OyCUCMEaQatUUOoFEhSXSEr08F4BjYFh2_eGv522Nr_ONCuGYeLamx2PijgRLAkXEoEafjKazey_jGzbzaLF8smxaqWmHOlHZEqvXFUd05CYZDLwKQuyNABzpxjKvKxSZxXn9cpKr1eAmnnkdHllNdHYc4Scy9TpecaTFThA8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72ac72873ee96987-FRA
pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbnIzliZjNiFl8gwU7DwDGPmENouVIsQqXDLpjw4RR%2BgcQRX60bcc%2F7OBxOIwLSbbrm%2BE8h%2F4whQAxXdEHZz4dzhZlDdXfT2agHujpti%2BKEsGSjJHPg2xkZ3H0OwNRG4avx%2FPBy5iB5WnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkIKLvtvKGBk01C2mIoGOk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E882
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENTp3npwdJffs1KzhB4olBA&google_cver=1

43 B
1018 B

22ms
22ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENTp3npwdJffs1KzhB4olBA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNuP184BMAE&v=APEucNVUsQg262OyCUCMEaQatUUOoFEhSXSEr08F4BjYFh2_eGv522Nr_ONCuGYeLamx2PijgRLAkXEoEafjKazey_jGzbzaLF8smxaqWmHOlHZEqvXFUd05CYZDLwKQuyNABzpxjKvKxSZxXn9cpKr1eAmnnkdHllNdHYc4Scy9TpecaTFThA8

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 18:51:01 GMT
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9a01d0e9-605c-410d-bc74-75f7d88458af
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENTp3npwdJffs1KzhB4olBA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E882
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDc0OTEwMzkyNDUwMTUzNA%3D%3D

170 B
243 B

30ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDc0OTEwMzkyNDUwMTUzNA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 18:51:01 GMT
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8028469b-19ad-4dec-8801-13089191dce9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDc0OTEwMzkyNDUwMTUzNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1095913/64297468/ Frame 3DF6 228 KB
70 KB 159ms
44ms Script
application/javascript 54.246.186.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1095913/64297468/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN7nmIg6mc0R0zLC41QIrMXme9g60A0XHGjIBDih61q4pD7Q8vEpcUygcbalD8dCtUvRei2Qay1XFsM8jVHvaxW5DjKnpsQuRN-Cz9Zw4BQ-zuGGEpW-8l2H758GSeSmOeMVlo2zP9uOAiWh8rammHLZcevw&dbm_d=AKAmf-CDWAV2q_heNbcT10bXhK2Y37eBEjzCV5ZtQRvMDSuyksT08gzqAdRVpAFdX331w-uGESvxTkfvr1a8P1ipm76n4mWTMQgISNIMkBFd6I5wvEqHsJvcUp-U7AVaMsMiTizJ_l8KTRQtGJElSpPTlshjLz9pbJDqdGKedoDyszR8p319GsLRk03Y0OxcRYLAKXyNWtl2bqncJ6XJTjn5dHTZcdG-ekSlDr6oNolDEdHF9ER5_adZz3u0l0AtyGBQlNWMErmNl4O94Yk9B_e72F3fKR1M8cvOAhSAKtH4WaCpwhB58nRVpo4PXe9ep8ho0NbaZ0oEEBk0ukcbYp-dmFpCLt6mVI6jqfTmIJIy7Rdaf1McQFgjJU64Kj5PtN0pW5fekIFxmGSLHsh00wYfZRshtUGMAFF_p58UbH1Nz2AzZvcuzRyunnH366pjOSnIPk3sHk9UcSGZ-3x68VxyCD3m0mSn13JTgArMo5odtTdI1q1m6Bm0N5koUcV7oD3LlLwHj8qinAJFVbliqLa36PjDVdoZl0j9eHK_jwKGCv7m7okVxwcOycFKp7NNlr_cpKMRx_qrSTjjuhh-DOgSxloKwtCzzPa72GL76BGY6HrXwip2hmMHIIoe6XZD6PvKhCGBLTGk3KqHQJPnZHi2ilZgvmoD4bIzO8XIFAbAa43hk9PBBvVUHLFh1gM4b48lHPOD3SZVg6ElTOfJB1zWlPOZBoh-dIrk8aX5dul82zI67ZmkuAfgM-ucAcxbMiLUeGCw2yXqOY4kTSlHCIawULWhLOjn5HUZCdX4lrdgDEP_QPmS5SCvrquoA__ZbxN6EAq4YDFVfW1kzGfbDUdUk5RcmohDpAfFcgu1Fpqmnz5IDRVsyNid39UO-qmtjFZy_Yt7gXA4dj9s5YE1yPQRzOJDl8vx6z9mgj8PKJGXCqZ02Gffk_JaL-RuNC97zmBnKB-WR0KNd9ywux8OYGi-g8NZkgqYIlEWOzVp_fahHILjeJZQj4gZDfGmD4c2UuTf1I71Aexs7jLfiecB6s_6dUbUggP0ABnQJEjqI6sguTegkvJFtXLosS-M9O6EBniTIweYInyvSHfnyb2k93XMXbVTbn7nlw9k8z2Bfk9njQ4hn5Rm6sVIKYOEyWfSJ61kMEyDm0WgRmsDucmGLbRKTCBQ_-WFo1tAbPqcSa0RXyhb2pGdNJ_OVD3tt_mzHs2jDpXrYevZfO353VfGWHgW5-elOP0gmOHHpJm3m-yCocIU_91jqRxBidXCnvl_ChVZ5XpbtDqcpAvlPYA2VYLqnCWlg8u6Lg_3SHEzDrAFoON2Yb7Ieq_eHG3yrOv6sETjj0FknGNeqKSzxQBytBYOa9g9SaBF2wtnPnxooGHhz1KelZfYTj1GJLi5M6yVKSyHX4Kbwjo55WYMctaOspRBFQyTT1MK9fHIy19KG5O6UuuUY-yWXZ6nAO7dGu_cb9vvB73Lm5lqMG4_BaIOyoRS4u3Oui9DzwKRwcKnoMnN9ltvQB0oLB3Qv77ArjB9-NjIE0Xji4oRY45l5wpQpNE6JQkQ7Kt_hYtAVeQ-Q4RVVEzVRLldnXITPuOAu_JMVRxG9dUzhG4ww66CMBVSZGHRIyATF8eH2qdFXTTsEw4f0HnzvQ1z33CJ8wAk2tBASVW4zWSImqsaYrKXwMGohwj6ubSPgIu29d54-q8L03lGywJ4gujGhUBf9fUpQfUGXl9jOZwuoVPUCq_wMCexFhvxEzFGv9WWow5BNd4-WWr9D3UroFZYmG6w03SvCY8SyznE_f0FEtjMPU98_iY8hHN7FPbrZjkx_J3fQrE7JE_P5GeS8g3IbYxCuMmnrA3TILn9JPps3MFp9YhRzKkK6mT_RW3_Fi4ivomuSRiXz-fFlBYyVq9yZ74AyaSCXWsvyCOAjYLrK6LT4iBPMsNpouNCZ7obRgxx1VFVWtrooxCBaaHKSh6ylwCl8UUwz7HD4kY4-KFCcSH3qBMEv6ZajJ4OTjx229LYnmPFTUQHeGr9bKzxt4Hf1VHYAdk9qkbYXMimW31oiTC0ds2Dy-Ars4RBQppIq1H6A9XohSgupmDFj2_6odbmdXg9z0PsruMg1cp_artUDErsZ2Sl3ll6PC_zZcvS5vFJzbrZkpasZagCHxmKudZnHgXLGswNvl50JFhS1fYfG5PK8EiNQOy89bRGtbYSwxiqnj5f4uGJ_9iIpF2lcEQ316mvCww9IZhNcCst1aOdZLjjdu4WESHj71lYt4Dbqf3o1_eYb058nQg7BXyRgRLUEY7wzvkCGg5V7eDWbL1NQ_QYzuo4F6zCNaZ_k48erIt27r-NnafphZneSLj6gEwYVKtSMsqdCg83FHd0eMs-7IkjMRc-REdFVNR974nePxIN-mAd_6trRsa04j1PeYPuinqbwhwQ8U8Rho5dgITyOMIniRIniHUkekgSGzWPdoGlPLqVM8vwQLEiKGEOM0jD2fVrPZ63Ci-CB0ITPW8JbW7SVovSOommMpStkpgiYtXLTDm_Ptw8e5Fd7PNgZF33X9cr51G9LFsrs24ZmizMUFPP8MQWmc0_17AObegrTB3loMDx6Z5LXtd6dq2leIyxTKktzBABo06Pp7__rVDRNSaM5YwKaknoGck8P5W7t_UUTbkaz09q95SJhDNBEK69VkOo0xDPgd12GR2Snx_20on5VUIvlfiqYQWdO2BplRhubpYyYYogio02bST_ZdyS_nUAIfK9-tZfZnt0yNBv83Yy4W7XPniqSj3CuvS9rIgPBmAsIaNnkxzQaxLuhSp5udT4GW456pIph8q99sOKzn9X8T9RgesAh0wLNz4Geyw7zxSRWK3TQouBLy1RvUHmzb-aCd3P4FcHvwgiArHBce8qCRtBg3Dh04GCX1FyaBqt0LiZybcYvLejJ70a4hlEteZVf1ojG7AbksX8TfPToXjRDbzkTvBFmzL4a3CLwbF_24mXghy4Zxg11cpbp5tKpj31HC3tZY-5H850rBtUJAq6I2Mi3JGbKvn4YP_mzlSvj09AvCWt6Z6Kp5gfufPgomcQCibUOG8uZNNKev7Grd3gtRttD05e3BgmXW6GhNkHb6G75f-6F5c5f95C0SLknUhT3ExYvEHudUXhVViRLdq-MknuKV1F06kiCH-uqujTDg&cid=CAASJ-RoCz7-HMH6OpCSHN9xBGYoB7IznW-7ofNNahjjh2Jke_50RSffhg&rfl=1%2Chttps%253A%252F%252Fwww.calculator.net%252F%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.186.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-186-77.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4025ca5e4f0119fd6fa89bf17dc9d2b3e1d5d0f3a60aa9161633823e9940a84b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 3DF6 27 KB
10 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN7nmIg6mc0R0zLC41QIrMXme9g60A0XHGjIBDih61q4pD7Q8vEpcUygcbalD8dCtUvRei2Qay1XFsM8jVHvaxW5DjKnpsQuRN-Cz9Zw4BQ-zuGGEpW-8l2H758GSeSmOeMVlo2zP9uOAiWh8rammHLZcevw&dbm_d=AKAmf-CDWAV2q_heNbcT10bXhK2Y37eBEjzCV5ZtQRvMDSuyksT08gzqAdRVpAFdX331w-uGESvxTkfvr1a8P1ipm76n4mWTMQgISNIMkBFd6I5wvEqHsJvcUp-U7AVaMsMiTizJ_l8KTRQtGJElSpPTlshjLz9pbJDqdGKedoDyszR8p319GsLRk03Y0OxcRYLAKXyNWtl2bqncJ6XJTjn5dHTZcdG-ekSlDr6oNolDEdHF9ER5_adZz3u0l0AtyGBQlNWMErmNl4O94Yk9B_e72F3fKR1M8cvOAhSAKtH4WaCpwhB58nRVpo4PXe9ep8ho0NbaZ0oEEBk0ukcbYp-dmFpCLt6mVI6jqfTmIJIy7Rdaf1McQFgjJU64Kj5PtN0pW5fekIFxmGSLHsh00wYfZRshtUGMAFF_p58UbH1Nz2AzZvcuzRyunnH366pjOSnIPk3sHk9UcSGZ-3x68VxyCD3m0mSn13JTgArMo5odtTdI1q1m6Bm0N5koUcV7oD3LlLwHj8qinAJFVbliqLa36PjDVdoZl0j9eHK_jwKGCv7m7okVxwcOycFKp7NNlr_cpKMRx_qrSTjjuhh-DOgSxloKwtCzzPa72GL76BGY6HrXwip2hmMHIIoe6XZD6PvKhCGBLTGk3KqHQJPnZHi2ilZgvmoD4bIzO8XIFAbAa43hk9PBBvVUHLFh1gM4b48lHPOD3SZVg6ElTOfJB1zWlPOZBoh-dIrk8aX5dul82zI67ZmkuAfgM-ucAcxbMiLUeGCw2yXqOY4kTSlHCIawULWhLOjn5HUZCdX4lrdgDEP_QPmS5SCvrquoA__ZbxN6EAq4YDFVfW1kzGfbDUdUk5RcmohDpAfFcgu1Fpqmnz5IDRVsyNid39UO-qmtjFZy_Yt7gXA4dj9s5YE1yPQRzOJDl8vx6z9mgj8PKJGXCqZ02Gffk_JaL-RuNC97zmBnKB-WR0KNd9ywux8OYGi-g8NZkgqYIlEWOzVp_fahHILjeJZQj4gZDfGmD4c2UuTf1I71Aexs7jLfiecB6s_6dUbUggP0ABnQJEjqI6sguTegkvJFtXLosS-M9O6EBniTIweYInyvSHfnyb2k93XMXbVTbn7nlw9k8z2Bfk9njQ4hn5Rm6sVIKYOEyWfSJ61kMEyDm0WgRmsDucmGLbRKTCBQ_-WFo1tAbPqcSa0RXyhb2pGdNJ_OVD3tt_mzHs2jDpXrYevZfO353VfGWHgW5-elOP0gmOHHpJm3m-yCocIU_91jqRxBidXCnvl_ChVZ5XpbtDqcpAvlPYA2VYLqnCWlg8u6Lg_3SHEzDrAFoON2Yb7Ieq_eHG3yrOv6sETjj0FknGNeqKSzxQBytBYOa9g9SaBF2wtnPnxooGHhz1KelZfYTj1GJLi5M6yVKSyHX4Kbwjo55WYMctaOspRBFQyTT1MK9fHIy19KG5O6UuuUY-yWXZ6nAO7dGu_cb9vvB73Lm5lqMG4_BaIOyoRS4u3Oui9DzwKRwcKnoMnN9ltvQB0oLB3Qv77ArjB9-NjIE0Xji4oRY45l5wpQpNE6JQkQ7Kt_hYtAVeQ-Q4RVVEzVRLldnXITPuOAu_JMVRxG9dUzhG4ww66CMBVSZGHRIyATF8eH2qdFXTTsEw4f0HnzvQ1z33CJ8wAk2tBASVW4zWSImqsaYrKXwMGohwj6ubSPgIu29d54-q8L03lGywJ4gujGhUBf9fUpQfUGXl9jOZwuoVPUCq_wMCexFhvxEzFGv9WWow5BNd4-WWr9D3UroFZYmG6w03SvCY8SyznE_f0FEtjMPU98_iY8hHN7FPbrZjkx_J3fQrE7JE_P5GeS8g3IbYxCuMmnrA3TILn9JPps3MFp9YhRzKkK6mT_RW3_Fi4ivomuSRiXz-fFlBYyVq9yZ74AyaSCXWsvyCOAjYLrK6LT4iBPMsNpouNCZ7obRgxx1VFVWtrooxCBaaHKSh6ylwCl8UUwz7HD4kY4-KFCcSH3qBMEv6ZajJ4OTjx229LYnmPFTUQHeGr9bKzxt4Hf1VHYAdk9qkbYXMimW31oiTC0ds2Dy-Ars4RBQppIq1H6A9XohSgupmDFj2_6odbmdXg9z0PsruMg1cp_artUDErsZ2Sl3ll6PC_zZcvS5vFJzbrZkpasZagCHxmKudZnHgXLGswNvl50JFhS1fYfG5PK8EiNQOy89bRGtbYSwxiqnj5f4uGJ_9iIpF2lcEQ316mvCww9IZhNcCst1aOdZLjjdu4WESHj71lYt4Dbqf3o1_eYb058nQg7BXyRgRLUEY7wzvkCGg5V7eDWbL1NQ_QYzuo4F6zCNaZ_k48erIt27r-NnafphZneSLj6gEwYVKtSMsqdCg83FHd0eMs-7IkjMRc-REdFVNR974nePxIN-mAd_6trRsa04j1PeYPuinqbwhwQ8U8Rho5dgITyOMIniRIniHUkekgSGzWPdoGlPLqVM8vwQLEiKGEOM0jD2fVrPZ63Ci-CB0ITPW8JbW7SVovSOommMpStkpgiYtXLTDm_Ptw8e5Fd7PNgZF33X9cr51G9LFsrs24ZmizMUFPP8MQWmc0_17AObegrTB3loMDx6Z5LXtd6dq2leIyxTKktzBABo06Pp7__rVDRNSaM5YwKaknoGck8P5W7t_UUTbkaz09q95SJhDNBEK69VkOo0xDPgd12GR2Snx_20on5VUIvlfiqYQWdO2BplRhubpYyYYogio02bST_ZdyS_nUAIfK9-tZfZnt0yNBv83Yy4W7XPniqSj3CuvS9rIgPBmAsIaNnkxzQaxLuhSp5udT4GW456pIph8q99sOKzn9X8T9RgesAh0wLNz4Geyw7zxSRWK3TQouBLy1RvUHmzb-aCd3P4FcHvwgiArHBce8qCRtBg3Dh04GCX1FyaBqt0LiZybcYvLejJ70a4hlEteZVf1ojG7AbksX8TfPToXjRDbzkTvBFmzL4a3CLwbF_24mXghy4Zxg11cpbp5tKpj31HC3tZY-5H850rBtUJAq6I2Mi3JGbKvn4YP_mzlSvj09AvCWt6Z6Kp5gfufPgomcQCibUOG8uZNNKev7Grd3gtRttD05e3BgmXW6GhNkHb6G75f-6F5c5f95C0SLknUhT3ExYvEHudUXhVViRLdq-MknuKV1F06kiCH-uqujTDg&cid=CAASJ-RoCz7-HMH6OpCSHN9xBGYoB7IznW-7ofNNahjjh2Jke_50RSffhg&rfl=1%2Chttps%253A%252F%252Fwww.calculator.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 18:47:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 3DF6 8 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 18:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 18:48:22 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DF6 0
397 B 85ms
69ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3Un31RMQZV3bRfpKfnDnEIDj3m0omCevRkhLCJgKIqbKs8zkVjntUqxJagAul0oewxjIfCiE03HYydVGS5kxN2LzpQjzymjbEyJi2QFcuEX7l9uM__770LXGgYK5JMKO1mzRgxEkXV52w9Mv71zS-q1TAYMbutHa6Nn7Svq4iqxigTY728b8UaynLuEvUhEbN_ZZStv9xXQTztNqe1lDKxbiQBu7CSB7nomt5D9_X-tW3ynKJgHxndgBETHk-iONaY5Gg0ltNgtBcz4-oh0e2XIH7VkRFE6vBFyT5o8pv4cD7FIPyxffYRaja2VcwYk8I2GYV6X0lAhB59tLy4GIyNXb8PtuUFBeAmXKf74LhWLApPm-GPpD9PTzctjQ8OWbGH_U2vyhqicOreXwAw9sP_twNoD52Dy4JEPFjvPi120HjHlhmKj62Ha8k_FoDbXsTi36f8ssVGSWvdCJrmdqfXBdSemKjhkzlOiEZlGnUsU1SxAbiiiWyJYefHlZZD1I8rVyFI5mbTDR1lI-0GmlrdS6zUWQ8rfsjJh-nc6iBLs-RtlzK_V4q1ZOlXiXWf1QTpp0MZsyKHM4_wl7Jc0mt_b38dljFPEyZCNN908XR0S49NSAqIYFWktFEFu0lBX5gHC-u455_2QmyZjH6ytt4-qbgT8hAk4-wEvG92kmE4xDKBN_9zResbJnsP3nuG3IOFI0JKfP3qVI_tFxmfx6f2YqOTr8K6TCUHR8kNsjIUy311QnhJ1ZOAeT7J3wcWIMFuLKPcaJjwpRrzP4a0Q1tCbhvyz7ndo0Me3ZaBAnO-rqn4M8ylJ7VQzJFK-5vRKS_TEgfm3SD5Ue2dh2wIBu-VAi_CjPHTVzADga4IC7htyZG_xqJTRF4wG156xILWJN_4s6sX4XlpiDIo54zq8Ebopf_6iXtgs4GxjGihn0oGptjbO2qoaeie4us9nZs_QYBCLw5iNg0V5Iax2WzP6u5vsdwlEnSyGCbrr7IDTLU0ml5j35qbqO3CTZ7rgQBIVOyDN2GxiWuPw099_RMGNQXefv_9v4jqKXwYpSLXCTzfIv9k_xxqgumY1Z2nCgKDrd6shJtPZ8uOb4_ElWzv35phtuqgTQabOHPgct8D1JNKgDR9mCA6o-6ph_Qfa6ymt1AAEDTQAiXa2wHblhO8duIRPxs2NCfI208kZgiiaFJJOC7zPd-EqnfJHLM2C4neiZBIf9hxAp_ag&sai=AMfl-YS_6qTc3JMQDmhSgy1bq4GwO_eNHwEIJ6zpzWkGJzer7Rv23IwVMvc_rtJGH8XB_Br8Pzhbd5WmCh2SK3rBCTuJn2_fWVjlNZinVkQXUgbr8sSpR0p4nSIwVv2n_dhyoGhDKRo920TQjMWLayYnhLRZh5xmpPwNOKVIXzIzMIA4wQ8oMpKdQhSLSKYu5mf-foSnhAjxZafdxBbdjk9sDB9Tk-jdFgQ&sig=Cg0ArKJSzCRFOaPX_syvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220707.04319&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 14 Jul 2022 18:51:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3DF6 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 10:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 10:25:41 GMT

GET
H2 200 1750205853586320663
s0.2mdn.net/simgad/ Frame 3DF6 47 KB
48 KB 94ms
22ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1750205853586320663

Requested by

Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00da12df83694dca7968122c0862efa743044a48b45df73141e27b4d2e39c019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 23:00:16 GMT
x-content-type-options: nosniff
age: 71445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48085
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 15:16:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jul 2023 23:00:16 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 06D5 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 169878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 19:39:43 GMT
expires: Wed, 12 Jul 2023 19:39:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 06D5 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 20:45:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DF6 0
26 B 60ms
59ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 18:51:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 06D5 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4e9ElWXQYsnSFZiigQejhK6QDQAAAAA4AeAEAg&bg=!4uGl4aXNAAaYcLjmuHA7ACkAdvg8WllBz58cHCcZOmyEI8VYf1pW5ZRML4xlYMSVkI6Cm5Yk9uOdxwIAAABSUgAAAAFoAQeZAvsLBLxnxCvLY9oGwAPshmWDLxDwiSG-SdWP2Rb-LIhzIKA6QIrPYJQZEGXxu6xh76cs4pRma4qrSuJM-4tdOZON0Q2UH-7d-G0gmZJV2BZEqnwOgzNZKQueQUJTsjOHE2i74E6lcwxznHFv5u3ZcQabzsPHoDKANLXkq6_cu8N4kerD4a5OTJH8gcOUcxoGQNKEfSbZqjz7ZKW_HSdAlPJT9HGrZM1niM35WTO0FRx2TXDGEtSC3azirhMBZ09Hdg9tkNrZlVh0_in5nyDZV_4vd9ZRgdGCcB-GIAF9U_Ossm4YD9E-2uujtxxlH5ZnI1PUaIxh_rDH5K9huwmv3BvVclLRE6iHqzRWKpwAYAKU9Vz9fkJFN6SpFXmzylwHO1jpDs8-7VbNIMOglv2lQViS3FE7M1wt0fqDGbOTtA3tD47MAo36ugw8X1E-eNans2RPRsRIJbEC4oUZGJnaAF27A6vp0wPD-m3mTbrVRNKHE6DLQl6bxp4QzJMgZ3KeAd8ISwie1ZlI9sRiNKxEwZ3gYVunAGNlMZ41mPgJHEaBg_iYJAaGkuYnlwebyMLyTJhjsJQp5Kwa3Mz9p_jIHxHon0DeGH9bKYEEe_DPEYGm-KY0bJ5Ktd20ee6GBFLpOpPoOjtpczBgvjCLIbZ_kt82yHxGZ1DQjo1VteMRBgGs0l8wPlIIN20WYSLXXXQRdAEst8m91JoldY5IUQju418CwBMAp8yj0r8EZ6q3XVMLiLQO2NJNVw4W1wzRQ6xDxo85DTNJD5N3vwSLxC3bx8xtpgjs4MHWcYMfndVVAiGa9z-noUYTtEvU-MpwTi6FOfl3Xr5miTcWVjd3dedsiSTxF4csYP2uC7ztxBR6_IPE71tA3v6A9hj1Fkx6rMZHayD4D6B3Sta4_X5IgLPqyL-dYCwc-ThGWirY9n7JCBoSmWoZ8tWYtmkD6jJyxlajce-C0GamlPCxaMLMDeSSCSZdjMHwe9HW5UCfHRFalVFRuFgMCpddeh1ltisZ

Requested by

Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3DF6 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e77ed12d400ca2079c960e846cc6180e8cdecc513703412738279e0f3d9143b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 3DF6
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1095913/64297468/4.js?adContainerId=gcc_lWXQYsnSFZiigQejhK6QDQ&cbFunctionName=goog_wrapCb_lWXQYsnSFZiigQejhK6QDQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafe...
https://static.adsafeprotected.com/4.js?adContainerId=gcc_lWXQYsnSFZiigQejhK6QDQ&cbFunctionName=goog_wrapCb_lWXQYsnSFZiigQejhK6QDQ&true_pb=

1 KB
1 KB

58ms
31ms

Script
application/javascript

2600:9000:224a:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=gcc_lWXQYsnSFZiigQejhK6QDQ&cbFunctionName=goog_wrapCb_lWXQYsnSFZiigQejhK6QDQ&true_pb=
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:224a:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 14:19:49 GMT
content-encoding: gzip
age: 102673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Jul 2022 14:19:15 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: j6k9ZHQ6nGCSZNG_xPkmnND.iHKQKotv
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: FsdyCPc8cLwVK1baz3K_LPt6fSAgrvaG4bulhC3JP-BTMhgpr41lvQ==

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:01 GMT
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=gcc_lWXQYsnSFZiigQejhK6QDQ&cbFunctionName=goog_wrapCb_lWXQYsnSFZiigQejhK6QDQ&true_pb=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 3B98 80 KB
21 KB 95ms
28ms Script
application/javascript 2600:9000:224a:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 5134588
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: 1YdgpbwpLK9HMUVasvsNs_jt-bu2pVKyjo2jMFR6g6LBIbFzO_quSA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3DF6 43 B
216 B 598ms
183ms Image
image/gif 54.187.118.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095913&asId=8f7e647d-ad30-b983-c32b-f45df732b373&tv=%7Bc:imWHNm,pingTime:-3,time:42,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:16%7D,%7Bpiv:0,vs:o,r:l,t:41%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:42,n:41,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~300.250%5D%7D%7D,%7Bsl:o,t:41,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tbAzkyO+11%7C12%7C13%7C14*.1095913-64297468%7C141%7C142,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.118.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-118-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3DF6 43 B
215 B 598ms
186ms Image
image/gif 54.187.118.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095913&asId=8f7e647d-ad30-b983-c32b-f45df732b373&tv=%7Bc:imWHNn,pingTime:-6,time:43,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:43,n:41,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~300.250%5D%7D%7D,%7Bsl:o,t:41,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tbAzkyO+11%7C12%7C13%7C14*.1095913-64297468%7C141%7C142,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:www.calculator.net*&br=c
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.118.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-118-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3DF6 43 B
215 B 593ms
184ms Image
image/gif 54.187.118.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095913&asId=8f7e647d-ad30-b983-c32b-f45df732b373&tv=%7Bc:imWHNs,pingTime:-2,time:48,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:226,mdZ:474,beA:501,beZ:503,mfA:505,cmA:506,inA:507,inZ:510,prA:510,prZ:513,si:518,poA:518,poZ:534,cmZ:534,mfZ:534,loA:544,loZ:547,ltA:549,ltZ:549%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:16%7D,%7Bpiv:0,vs:o,r:l,t:41%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:48,n:41,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~300.250%5D%7D%7D,%7Bsl:o,t:41,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B7~0%5D,as:%5B7~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tbAzkyO+11%7C12%7C13%7C14*.1095913-64297468%7C141%7C142,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:31,readyFired:true%7D&br=c
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.118.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-118-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071101&jk=3143573044116104&bg=!lZalltLNAAaYcLjmuHA7ACkAdvg8WnZWQsvz1tdyQiNFwmYq_Rk6zz21g8U3a9rl5O9RD5h2q7CqqgIAAABZUgAAAANoAQcKAMsAQzGO5sXJo3xel3KFXzhOOPbFLXi0R64gi8gJA_XUdSqLwoKFJwc08p49X35CgxUZXOu0TjNgCCE2NtRcNgqPhz9qV3Xd_R477zvE9PWacgCiv8zvoU33rigcoD20ZzbRKGgZR9WuOokpxhfSrlaSjwPpfPefJKtMpwFVoxD-yfPN918tPwB-KOiXPPZxtQouEtVuqvE1LXy84OfICWz-0wo-tnsKwDTyzAb9HOuAOhnx13argZ95Co26mkhX0uoZ8wxrVCiKwSGP2pkCo-YhKtPtSJJ7TWV_edbwvhHnMZTzMXBHSVrkKfqAQ04x4lhACgFHpdhUqYRnF79d-FlAKXQBQTJ9SALkzxdRSCrFZ3Zx38SWLdoK9qirzfQu40eqDGk__t0M2m51YDomcoH0jDagaP5q2FUEeRI6E49LTV4EbLPZdoB9Jt4J3CbMkmMGJ5AmfZpQR9vFKvENsghiUdOV5EakfHNR-kiXngpwF5UP25QYhfW1_xdzgqSc3xG9eJIuZ8KFwoLxfHvggwdpBwhO3cMvA9zv5ERdLOSqJnfy3Rjx68ZAAP1AB7zK7mR2DdMDYNfJ27qtwF-EMtgDqSoF9qcRZSG-HHqhyWeiUvoif-_E4b9GzfmbUnMVwciYwnfqtHb9Y8gIBHPNyu2iXTf8qFk0CCrtt90dKS6PvlOLSmU2L63EJJbvd8ya3l0Nqe71cyt38R0HkZIDO0hvlUUifi8E46WvTtJVY-BHK5dlyeQrkssdQLmKNz8MFjZ63qLIfaJ-0IcgIohhlC9hTcdClbM00DTEYwlVo_Q8nw-cB3yn-7WwZzg0S7yoaGqRQ6rhY42eMlCgKsdD5fwfLLAzH0LCyzjcltd0WRfbF7Bv2fYB0MOpIbMPtlDXe4P84DS2tPtAPwh0C3g3b2grvuGbz1LcrYUy7VHvmHQB0KO2Fob9OTMwJT8lZ6fOIQXAnHZD81eOV4HPuiseOk12EspX93dzKKiY_BeGvL7w7rc7zWN_uvcswGIhHJhxSKQbCZ5McYKXq2TPZ1mqQ14zkHEM2FjRE1KLiGRxwSXt4x-4uG2Fs8w-DdkMPbPoQBgnjZRbW71tEzGiNc2mXaiR0WKEZq2sIz8iheev0FpnIeVHbs5GAt8GCjTK5NzRcXdcXZbG3F60yUBMOJuxdwhfNQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3DF6 43 B
215 B 477ms
185ms Image
image/gif 54.187.118.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095913&asId=8f7e647d-ad30-b983-c32b-f45df732b373&tv=%7Bc:imWHPl,time:166,type:e,im:%7Bimprf:%7Bttecl:407,ecd:114,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:117,o:49,n:41,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~300.250%5D%7D%7D,%7Bsl:o,t:41,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:49,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B117~100%5D,as:%5B117~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tbAzkyO+11%7C12%7C13%7C14*.1095913-64297468%7C141%7C142,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.118.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-118-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3DF6 43 B
215 B 223ms
186ms Image
image/gif 54.187.118.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095913&asId=8f7e647d-ad30-b983-c32b-f45df732b373&tv=%7Bc:imWHTr,pingTime:-10,time:419,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1657824662121%7C%7C9785fae88b400bb24080d532958690b7%7C%7C8203953bb098b7ae8a102827ac834317%7C%7C9aa906164fa69458ce1bd16acd2c6836%7C%7Cb6e86af979dcbd2b7da01b6cbe312559%7C%7Cb7642e21cb3b0a279e1ffef98b5ff5f9%7C%7C4bbf67d0808f542240069a30c2f561df%7C%7C4b63d4f83d1b2625fc32f9f417fe1f6a%7C%7C1629390669%7D
Requested by: Host: f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
URL: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.118.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-118-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DF6 42 B
64 B 100ms
57ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthk2g7l0KDfyJVCmSnAgTaXki8-oYSrg_BDRyMYDM02BcyC1JwvrFYZ61ZMP_vIM7u3k5VeLrWY5pBjavX3_eTQDETKSAnv-Si7SZjo6-Eir9CGXbX_yjNjF1I_9uX7IKtVDMkmXfhrVWslg&sai=AMfl-YSZK-MCMtwmG0BalrE5qtZRQoMLzl5I_x7gP-PsUIjbSylwQ9SMwv8WHIzORkSv0Ny3Xq4CkC-OBkEruAEfi5cPC6b3XSQ5EO0xvkDuZPrDUDWek5JsvAFXCeCYAUw&sig=Cg0ArKJSzOsuOLWJVzDzEAE&cid=CAASJ-RoCz7-HMH6OpCSHN9xBGYoB7IznW-7ofNNahjjh2Jke_50RSffhg&id=lidar2&mcvt=1000&p=76,1032,326,1332&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3640173279&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657824661201&rpt=491&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3DF6 43 B
215 B 183ms
183ms Image
image/gif 54.187.118.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095913&asId=8f7e647d-ad30-b983-c32b-f45df732b373&tv=%7Bc:imWI3C,pingTime:1,time:1050,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:16%7D,%7Bpiv:0,vs:o,r:l,t:41%7D,%7Bpiv:100,vs:i,r:,t:49%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:49,n:41,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~300.250%5D%7D%7D,%7Bsl:o,t:41,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:49,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:602,fm:tbAzkyO+11%7C12%7C13%7C14*.1095913-64297468%7C141%7C142,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.118.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-118-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3DF6 43 B
215 B 184ms
184ms Image
image/gif 54.187.118.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095913&asId=8f7e647d-ad30-b983-c32b-f45df732b373&tv=%7Bc:imWI3C,pingTime:1,time:1050,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:16%7D,%7Bpiv:0,vs:o,r:l,t:41%7D,%7Bpiv:100,vs:i,r:,t:49%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:49,n:41,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~300.250%5D%7D%7D,%7Bsl:o,t:41,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:49,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:602,fm:tbAzkyO+11%7C12%7C13%7C14*.1095913-64297468%7C141%7C142,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.118.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-118-164.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 18:51:02 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.calculator.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: ka55qkss5hou2pdk1lrprjvru2
www.calculator.net/	1970-01-20 05:13:36	Name: recentVisit[0] Value: IP+Subnet+Calculator%7Cip-subnet-calculator
.calculator.net/	1970-01-20 22:01:36	Name: __utma Value: 9212199.1817112893.1657824661.1657824661.1657824661.1
.calculator.net/	1969-12-31 23:59:59	Name: __utmc Value: 9212199
.calculator.net/	1970-01-20 08:53:12	Name: __utmz Value: 9212199.1657824661.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.calculator.net/	1970-01-20 04:30:25	Name: __utmt Value: 1
.calculator.net/	1970-01-20 04:30:26	Name: __utmb Value: 9212199.1.10.1657824661
.calculator.net/	1970-01-20 13:52:00	Name: __gads Value: ID=4394f701187a9195-22fdf75ccecd009f:T=1657824660:S=ALNI_MbkWag_LQodo1-iCztjotXKYjlqAA
.doubleclick.net/	1970-01-20 13:52:00	Name: IDE Value: AHWqTUk57-N5erUN4nrhr01o3cV5lIBwGjqTaY5B_QovAdij16t9x76ZkIO50WDet70
.adnxs.com/	1970-01-20 06:40:00	Name: uuid2 Value: 7670749103924501534
.casalemedia.com/	1970-01-20 13:16:00	Name: CMID Value: YtBllaofEJFh4nOJnMHPkAAA
.casalemedia.com/	1970-01-20 06:40:00	Name: CMPS Value: 1164
.casalemedia.com/	1970-01-20 06:40:00	Name: CMPRO Value: 1164
.adnxs.com/	1970-01-20 06:40:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#B7^tA!@wnfH8K6pQK`!5=E<L5?%K7YvjxsXOP4H2_r`Tb14dC/]=Bp?12aVODELzbpRzqF1`b^#H)qJ!S
.casalemedia.com/	1970-01-20 06:40:00	Name: CMTS Value: 1161

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
d26tpo4cm8sb6k.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f5da6f7f1cdbf336ff2bdb45d286d791.safeframe.googlesyndication.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.calculator.net
www.google.com
www.googletagservices.com
104.18.19.126
142.250.185.66
142.250.186.66
2600:9000:206f:b400:b:6141:e700:21
2600:9000:224a:6a00:8:48e:53c0:93a1
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
37.252.172.37
54.187.118.164
54.246.186.77
69.10.42.201
00da12df83694dca7968122c0862efa743044a48b45df73141e27b4d2e39c019
0a64c912009ef5fc4b72228760c9bcfc4035d77fcdc13d7828c3e54461683575
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1ea13c0a1eda56b6872e008ea2081ef351b128c936ea1b43d261b6f6c17742be
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
27f668e3594f380f3428f8d72bfb46c7876ff7f9858674432fa160379871a8fd
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
31031d8e89cb1b7397456fc89cd2b0e0890205aa3adb579aa6eb9102de92de91
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
4025ca5e4f0119fd6fa89bf17dc9d2b3e1d5d0f3a60aa9161633823e9940a84b
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c7f3a2fe35867a31c8891e8e8e168fe8cb9a4b7c536ec8e9c5710f12b6e621b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
74a8e79e35e0d1a807ae5a02360e3b98b77c19dc021c4eb396ac79fd95c83c65
7bb109f75733d72ba516ea8e3b8695cbbeeaee461399262953b7766f2e0e6b57
7e115279cd60609a24219e5e27010386eff6aa445ce6a73a19d256aefd6daa89
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
89e2327f4eab7751d6d4d5cee0343f80d1f3dea3fd5e76001533c393f0bba7ee
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a95c43b32e567f1bdea42db0efd0b77c5cb76948719af9d29afe5efdce7d9b02
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
d1f69317185bc5ce55a63bc5426fa21feca03f460854624c04589b690832b8d1
d9e4810d5a5aee260150599167a8bdeda830762e9ed61def6a69c344b86a8dc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77ed12d400ca2079c960e846cc6180e8cdecc513703412738279e0f3d9143b2
eecfea39b5477721fd37b58cc869d704713efe1b2986ff963f2c1fe829a70f4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.calculator.net Open in urlscan Pro 69.10.42.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

91 %HTTPS

63 %IPv6

12 Domains

20 Subdomains

20 IPs

4 Countries

525 kBTransfer

1378 kBSize

15 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.calculator.net Open in urlscan Pro
69.10.42.201 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

91 %
HTTPS

63 %
IPv6

12
Domains

20
Subdomains

20
IPs

4
Countries

525 kB
Transfer

1378 kB
Size

15
Cookies

55 HTTP transactions
1 data transactions