googleailesi.googleailesi.com Open in urlscan Pro
2606:4700:3037::6815:3f28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/5SozQzKPHL
Effective URL:
https://googleailesi.googleailesi.com/
Submission: On May 23 via api (May 23rd 2021, 11:00:42 am UTC) from CZ

Summary HTTP 79 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 20 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3037::6815:3f28, located in United States and belongs to CLOUDFLARENET, US. The main domain is googleailesi.googleailesi.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 15th 2021. Valid for: a year.

This is the only time googleailesi.googleailesi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a03:2880:f26... 2a03:2880:f264:ca:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 1	2a03:2880:f16... 2a03:2880:f164:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	45.147.197.70 45.147.197.70	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:303... 2606:4700:3037::6815:3f28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:bec8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
13	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
79	26

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f264:ca:face:b00c:0:43fe (London, United Kingdom)

ASN32934 (FACEBOOK, US)

l.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

business.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f164:81:face:b00c:0:25de (London, United Kingdom) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.147.197.70 (Ukraine) 1 redirects

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: s21.server-panel.net

www.bartinkizogrenciyurdu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

hangouts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:3f28 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

googleailesi.googleailesi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:bec8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.acurax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.149 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.145 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal900010.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	231 KB
10	doubleclick.net googleads.g.doubleclick.net	57 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	110 KB
6	googleapis.com translate.googleapis.com fonts.googleapis.com	97 KB
6	google.com 2 redirects hangouts.google.com www.google.com translate.google.com adservice.google.com	7 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900010.redintelligence.net	9 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	googletagservices.com www.googletagservices.com	137 KB
3	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	105 KB
3	googleailesi.com 1 redirects googleailesi.googleailesi.com	79 KB
2	amung.us widgets.amung.us whos.amung.us	7 KB
2	instagram.com 1 redirects l.instagram.com business.instagram.com	2 KB
1	contentspread.net cdn.contentspread.net	77 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	644 B
1	acurax.com www.acurax.com	197 KB
1	bartinkizogrenciyurdu.com 1 redirects www.bartinkizogrenciyurdu.com	285 B
1	bit.ly 1 redirects bit.ly	360 B
1	facebook.com 1 redirects www.facebook.com	1 KB
1	t.co t.co	1008 B
79	20

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	googleailesi.googleailesi.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com t.co googleads.g.doubleclick.net
5	www.gstatic.com	googleailesi.googleailesi.com translate.googleapis.com googleads.g.doubleclick.net
4	hal900010.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900010.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	googleailesi.googleailesi.com	1 redirects www.google.com googleailesi.googleailesi.com
3	www.google.com	1 redirects l.instagram.com tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	maxcdn.bootstrapcdn.com	googleailesi.googleailesi.com maxcdn.bootstrapcdn.com
1	cdn.contentspread.net	hal900010.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	t.co
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whos.amung.us	widgets.amung.us
1	widgets.amung.us	googleailesi.googleailesi.com
1	www.acurax.com	googleailesi.googleailesi.com
1	translate.google.com	googleailesi.googleailesi.com
1	stackpath.bootstrapcdn.com	googleailesi.googleailesi.com
1	hangouts.google.com	1 redirects
1	www.bartinkizogrenciyurdu.com	1 redirects
1	bit.ly	1 redirects
1	www.facebook.com	1 redirects
1	business.instagram.com	1 redirects
1	l.instagram.com	t.co
1	t.co
79	31

This site contains links to these domains. Also see Links.

Domain
translate.google.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-03-21` - `2021-06-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-15` - `2022-01-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
contentspread.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://googleailesi.googleailesi.com/
Frame ID: 69B48CDFABF90DA8B13BA22E14F4F554
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 5888F91C979FABEFDD2212154E3A8559
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&adk=1812271804&adf=3025194257&lmt=1621767626&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626140&bpp=3&bdt=422&idt=77&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6784501550472&frm=20&pv=2&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: EED99DD00B5908E1A0132037C0F7731D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103
Frame ID: 787015FE52781C0414283D7ECDDC135B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1019621752&adk=4047384972&adf=2148264751&pi=t.ma~as.1019621752&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626147&bpp=1&bdt=428&idt=141&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uIQfBKDaHG&p=https%3A//googleailesi.googleailesi.com&dtd=145
Frame ID: 2DCFD0C556B48A61C89E448792996774
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=3451120304&adk=1857828314&adf=1871602609&pi=t.ma~as.3451120304&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626148&bpp=1&bdt=430&idt=154&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C640x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0pb3Y5ddSG&p=https%3A//googleailesi.googleailesi.com&dtd=161
Frame ID: D2D22B16D61838565A1B17919C951F85
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: F97F8B782F7A10147EFEE7E18FB2CCC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CMR0wyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEywFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKInpIZGSqwJMZeSXDWRxAf7pDGoAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTI5NTA0MzE4NTM0ODAxNzk&sigh=Qg0uiI1IcdY&tpd=AGWhJmv-6avUVESWgPLnlT_H-g2Nxkw9wBs0LlP3gBDl5TCSHDjJjsN-Pa8TtZg5iv2GDepq4R-c592rC5cJ4zdDzIdVZss29UOZbXgBbYUeNMu7iyP34dklntp_xt5p4KOc7if1kKfOEibgJ4sY8ocCAyTdfbB5Bl6fkylfEcZ4XnZen9SjtuHIA031uXGJXTFkf3Su4dCzoRM14Q4110MiC4XxymyfypM1nLFG7PxD2X8sctRgQFNob2QcGitt9IIQQ9m4NR4j88koyEJvGaNj4Ngk13pNCBy7rYj_YBekEVdiEBpJ7kYuisiVaI90bPxVMLbjXJz0z-SWvS7l6kTFLV6TOn76uQUYdmmCgrlVyE82DHMAp88dKkqqhLb_bXysLDZMZUVANk2uFxIBjmlyceHJwcaavOGuWuxDYZaJ4RZ-XlgHlOgwDhwd_x7PuXxYS3XeiaoYQ7DQZmTdnnZwfFZal6O4uiCC0COVaDzkBe1YACKvQZCRHHrpU8ZC5ODPY8rGUGk-Y_RdEZeJJLaT-1dH-OnKm0_juuC3ghpZ-_baDNMWAQmF-Yhxk6hYQKfXkNcfGfDUeb7mKZvtQ1QVSgYLm45dOoracQCu8OF05H--t1XtfIN_TjZfUU_jykvlK4idboDt-HmgKk_Mp-KoT5lXkuuebZ9s9X9sbFwKp6dGOBrl-m0GMtM9LelPOHErjSfDZwmxwoT8kl1RRa7GmrmbR5GMA9uL37TStmhd6E8y8w7DwVBk3jBkmeWKaljRpU0c-IqZJqbBVvSDpXQJ3xnhqctlM0t6rRl16N2FJCEdEMU0FjTPP_J5ae5q_juc7ZPhFzvuUp0qroy-JRqdtMnP5fX9TBWlfEtJyANnc9ydP2zCTqSwDU2GuuDOyvxutNL1bYVLTrzGjeXorj6kxvt4Ne3LReWrXJcon03o_uw3S1kML-UMZW1FAYh0D3afcD1krxhACYe6RNNz-S4RzTYu1gn5hdIKslEUZLwBsQ84wLR8pks7VIQA-tdxA7b_GkY6QN_Df26g-Zk3_EZyyY4ZI1b8
Frame ID: 36394B248A5348044F4BC65BAA8FD436
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Frame ID: 08DE14AE574F8539CBE9F2626F4A1296
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A9F248D68CD81BDC72C2ED805F70B670
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Frame ID: 9F59EB51CDFC1E411EDA24C2E4F79845
Requests: 1 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=62012800078023100951407011603010&a=123f9e02
Frame ID: F560FF16EB137F253FA9C3510E20A803
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8F9726A9052FC4666DEDABD57B445BC8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E82EF5593B7BEDD36E7CA6F98D2795B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/5SozQzKPHL Page URL
http://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57j... HTTP 307
https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57j... Page URL
https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.face... HTTP 302
https://www.facebook.com/ads/ig_redirect/?d=Ad_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k8... HTTP 302
http://bit.ly/freefollowers2020 HTTP 301
https://www.bartinkizogrenciyurdu.com/SEBO/?s= HTTP 302
http://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S HTTP 307
https://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S HTTP 302
https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangout... Page URL
http://googleailesi.googleailesi.com/ HTTP 301
https://googleailesi.googleailesi.com/ Page URL

Page Statistics

79
Requests

99 %
HTTPS

67 %
IPv6

20
Domains

31
Subdomains

26
IPs

5
Countries

1117 kB
Transfer

2247 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/5SozQzKPHL Page URL
http://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG HTTP 307
https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG Page URL
https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.facebook.com%2Fads%2Fig_redirect%2F%3Fd%3DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%26a%3D1%26hash%3DAd-hT8-D2yrK_waG HTTP 302
https://www.facebook.com/ads/ig_redirect/?d=Ad_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8&a=1&hash=Ad-hT8-D2yrK_waG HTTP 302
http://bit.ly/freefollowers2020 HTTP 301
https://www.bartinkizogrenciyurdu.com/SEBO/?s= HTTP 302
http://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S HTTP 307
https://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S HTTP 302
https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg Page URL
http://googleailesi.googleailesi.com/ HTTP 301
https://googleailesi.googleailesi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG HTTP 307
https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG

Request Chain 2

https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.facebook.com%2Fads%2Fig_redirect%2F%3Fd%3DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%26a%3D1%26hash%3DAd-hT8-D2yrK_waG HTTP 302
https://www.facebook.com/ads/ig_redirect/?d=Ad_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8&a=1&hash=Ad-hT8-D2yrK_waG HTTP 302
http://bit.ly/freefollowers2020 HTTP 301
https://www.bartinkizogrenciyurdu.com/SEBO/?s= HTTP 302
http://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S HTTP 307
https://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S HTTP 302
https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg

Request Chain 64

https://hal900010.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f46ee1c812&subid=&uid=a3749cdd8b1aefbf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2696806022936845922%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_cid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%2526client%253Dca-pub-2950431853480179%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2950431853480179%26output%3Dhtml%26h%3D280%26slotname%3D3451120304%26adk%3D1857828314%26adf%3D1871602609%26pi%3Dt.ma~as.3451120304%26w%3D640%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1621767626%26rafmt%3D1%26psa%3D0%26format%3D640x280%26url%3Dhttps%253A%252F%252Fgoogleailesi.googleailesi.com%252F%2523S%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1621767626148%26bpp%3D1%26bdt%3D430%26idt%3D154%26shv%3Dr20210517%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C640x280%26nras%3D1%26correlator%3D6784501550472%26frm%3D20%26pv%3D1%26ga_vid%3D1092889925.1621767626%26ga_sid%3D1621767626%26ga_hid%3D1819568128%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D480%26ady%3D1830%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060048%252C44743203%252C44743003%26oid%3D3%26pvsid%3D2844725952091320%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Cm%257CpeEbr%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3D0pb3Y5ddSG%26p%3Dhttps%253A%2F%2Fgoogleailesi.googleailesi.com%26dtd%3D161&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgoogleailesi.googleailesi.com&random=4751961457440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900010.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f46ee1c812&subid=&uid=a3749cdd8b1aefbf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2696806022936845922%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_cid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%2526client%253Dca-pub-2950431853480179%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2950431853480179%26output%3Dhtml%26h%3D280%26slotname%3D3451120304%26adk%3D1857828314%26adf%3D1871602609%26pi%3Dt.ma~as.3451120304%26w%3D640%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1621767626%26rafmt%3D1%26psa%3D0%26format%3D640x280%26url%3Dhttps%253A%252F%252Fgoogleailesi.googleailesi.com%252F%2523S%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1621767626148%26bpp%3D1%26bdt%3D430%26idt%3D154%26shv%3Dr20210517%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C640x280%26nras%3D1%26correlator%3D6784501550472%26frm%3D20%26pv%3D1%26ga_vid%3D1092889925.1621767626%26ga_sid%3D1621767626%26ga_hid%3D1819568128%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D480%26ady%3D1830%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060048%252C44743203%252C44743003%26oid%3D3%26pvsid%3D2844725952091320%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Cm%257CpeEbr%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3D0pb3Y5ddSG%26p%3Dhttps%253A%2F%2Fgoogleailesi.googleailesi.com%26dtd%3D161&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgoogleailesi.googleailesi.com&random=4751961457440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

79 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 5SozQzKPHL Show response
t.co/ 2 KB
1008 B 204ms
151ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/5SozQzKPHL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

1ad04250a24ed370311534c1c1be84a8d0a02cecdf41d4b2987e16f1ec8948e9

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /5SozQzKPHL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:23 GMT
vary: Origin
server: tsa_o
expires: Sun, 23 May 2021 11:05:23 GMT
set-cookie: muc=44216638-acbe-47b4-8b7f-b6a07ab785fa; Max-Age=63072000; Expires=Tue, 23 May 2023 11:00:23 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 638
referrer-policy: unsafe-url
content-encoding: gzip
x-xss-protection: 0
content-security-policy: referrer always;
strict-transport-security: max-age=0
x-connection-hash: e6f3b89455b399f4f909f4b5f84e74dfe3e7935c4735721a1cef35e4d7ef7ac7

GET
H2

200

/ Show response
l.instagram.com/
Redirect Chain

http://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmi...
https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fm...

630 B
2 KB

123ms
77ms

Document
text/html

2a03:2880:f264:ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG

Requested by

Host: t.co
URL: https://t.co/5SozQzKPHL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f264:ca:face:b00c:0:43fe London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20cf34e76416b24bbbb5bb07ec5fed026139318168a11f8ba17f0848bdb41667

Security Headers

Name	Value
Content-Security-Policy	default-src instagram.com .instagram.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob:;script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' instagram.com .instagram.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self';report-uri https://www.facebook.com/csp/reporting/?m=c;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: l.instagram.com
:scheme: https
:path: /?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/5SozQzKPHL
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/5SozQzKPHL

Response headers

referrer-policy: origin
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
content-security-policy: default-src instagram.com *.instagram.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob:;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' instagram.com *.instagram.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self';report-uri https://www.facebook.com/csp/reporting/?m=c;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
refresh: 1;URL=https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.facebook.com%2Fads%2Fig_redirect%2F%3Fd%3DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%26a%3D1%26hash%3DAd-hT8-D2yrK_waG
x-frame-options: DENY
cache-control: private, no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: kfGLy/Kk24M2EgS9LPIsa/4YEQg2YvGlka9d7qH3RHAzpL0fb0rxQp6MBspcsOX1TkrLsUbrifwA0hB4+UCWDA==
date: Sun, 23 May 2021 11:00:23 GMT
x-fb-trip-id: 1679558926

Redirect headers

Location: https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG
Non-Authoritative-Reason: HSTS

GET
H2

200

url Show response
www.google.com/
Redirect Chain

https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.facebook.com%2Fads%2Fig_redirect%2F%3Fd%3DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwY...
https://www.facebook.com/ads/ig_redirect/?d=Ad_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8b...
http://bit.ly/freefollowers2020
https://www.bartinkizogrenciyurdu.com/SEBO/?s=
http://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S
https://hangouts.google.com/linkredirect?dest=http%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S
https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg

373 B
837 B

50ms
31ms

Document
text/html

2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg

Requested by

Host: l.instagram.com
URL: https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1f37d8ee493ed1db48a625a8f5b6b4411e0e801061acfc48478d829c6749b231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://l.instagram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=SPsVMijmZgwQAPvbCE22sDBSvqxGkwjoQ-z4V81Kodd-HCnRBZyWbHiLIDTNUjw6jKgVM-SFQ2h1QTL6lQjSuYi4Lfe41aNVHPujScOhw7pQeD3g11Fh5osBy7Nv-vJ2n2EvQLU1gRhjlaACy_qRx9XhQ7Hy59uQYDu0J7mls24
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://l.instagram.com/?ouest_elle=356718d5f7943a8bf97408e7af1037a5c35a-394&e=ATO4gP6pStULxxkraz57jwTYJzoFUhNr88J9wmLrVOj8syeJdLTUUkES5P8TGWJYLOXIbhzm&s=1&u=http%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd_2sygytYTODv0wSgFTu2fC0XA4UeR0dR0DoocC33X6chirGjwYAt1k82CdG_ljXYJWBKGecJBc1WhesD3r2Gb3YxPs4wI134KiHaP2FVunqemzsTY9Q3ZSF-ft87GAIAPQPlDIjnw9kZA8YtOAmku8bj_FmMpxA_H-3snjrT5uzg0XF9IZL1JIfVzwAYpNcL8%2526a%253D1%2526hash%253DAd-hT8-D2yrK_waG

Response headers

location: http://googleailesi.googleailesi.com/#S
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
date: Sun, 23 May 2021 11:00:25 GMT
server: gws
content-length: 373
x-xss-protection: 0
set-cookie: CONSENT=PENDING+776; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 11:00:25 GMT

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 23 May 2021 11:00:25 GMT
location: https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-Ivc+Q2a4bb/HclYWDgBd/w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/MeetingsUi/cspreport;worker-src 'self' script-src 'nonce-Ivc+Q2a4bb/HclYWDgBd/w' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://payments.google.com/payments/v4/js/integrator.js?ss=md https://billing-ads-qa-devel.corp.google.com/payments/v4/js/integrator.js?ss=md https://youtube.googleapis.com https://youtube.com https://www.youtube.googleapis.com https://s.ytimg.com;report-uri /_/MeetingsUi/cspreport
cross-origin-resource-policy: same-site
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=216=SPsVMijmZgwQAPvbCE22sDBSvqxGkwjoQ-z4V81Kodd-HCnRBZyWbHiLIDTNUjw6jKgVM-SFQ2h1QTL6lQjSuYi4Lfe41aNVHPujScOhw7pQeD3g11Fh5osBy7Nv-vJ2n2EvQLU1gRhjlaACy_qRx9XhQ7Hy59uQYDu0J7mls24; expires=Mon, 22-Nov-2021 11:00:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Primary Request / Show response
googleailesi.googleailesi.com/
Redirect Chain

http://googleailesi.googleailesi.com/
https://googleailesi.googleailesi.com/

17 KB
5 KB

173ms
147ms

Document
text/html

2606:4700:3037::6815:3f28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://googleailesi.googleailesi.com/

Requested by

Host: www.google.com
URL: https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3f28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

923d7029dd9a8fefcd56fed9248e9f76ef118838bbc3782415539b7c396dfb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:method: GET
:authority: googleailesi.googleailesi.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.google.com/url?hl=en-US&q=http://googleailesi.googleailesi.com/%23S&sa=D&source=hangouts&ust=1621854025417000&usg=AFQjCNHko0nnPVnlhWjtcD0ZC8RrnoPwsg

Response headers

date: Sun, 23 May 2021 11:00:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: __ddg1=4inBVFJn5Kk7Gq7MWizM; Domain=.googleailesi.com; HttpOnly; Path=/; Expires=Mon, 23-May-2022 11:00:23 GMT
x-powered-by: PHP/5.6.40
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0a3a7b336600004e50db818000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HwQ7tJoWn8h%2F0X2wL9YhIwTsmcW2PT7BLBIRZC9Pu2Azcd2KTw40afj2C1qnMEWZbvEdfmnM5TfJcGxyQb1A9%2FIWnWLf%2FiLG4%2FiyS8MVnjxqIu7oZpylh%2FehkSNnkKso1WkD2XFUzsK38A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 653dc7cbd8f84e50-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 23 May 2021 11:00:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 23 May 2021 12:00:25 GMT
Location: https://googleailesi.googleailesi.com/
cf-request-id: 0a3a7b33310000c2eaee16d000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=67TEqJrIqEKIa4gkMtogdtaMsMowp73fvX702CCGVOjxSzmdade1Q4SHPQutujvhlKBPGfFQQG6QcHZGQcDkmNCESdVTeAcTNzQVOmYBMxiPBSPYAHUOzQ8WUA4rnzEmlq7PjGYEBsSjlg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 653dc7cb88bcc2ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 May 2021 11:00:25 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
21 KB 37ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://googleailesi.googleailesi.com
Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 282188
cdn-cachedat: 2021-05-19 23:06:43
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3a7b340c000032442d097000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a7c59e80dd8e0baea462a6dd23f75c40
cf-ray: 653dc7ccde1c3244-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 37 KB
8 KB 40ms
26ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 718, 718
age: 2926034
cdn-cachedat: 2021-04-14 09:21:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3a7b34070000c286e6870000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 38defbeca0ad3fb5a3f52eadea657d78
cf-ray: 653dc7ccd9c1c286-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 logo-stalker.png
googleailesi.googleailesi.com/ 73 KB
74 KB 34ms
22ms Image
image/png 2606:4700:3037::6815:3f28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleailesi.googleailesi.com/logo-stalker.png

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3f28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dea54a9da45ed843da8e3e6131994d2a179eade467146f4eb289326eca66bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /logo-stalker.png
pragma: no-cache
cookie: __ddg1=4inBVFJn5Kk7Gq7MWizM
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: googleailesi.googleailesi.com
referer: https://googleailesi.googleailesi.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6563
x-ddg-cachegen: 1592501076
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74650
cf-request-id: 0a3a7b3438000005e98ba0a000000001
last-modified: Sun, 31 Jan 2021 15:49:32 GMT
server: cloudflare
etag: "6016d18c-1239a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gi3jun8CFcDXFiOkxDRY%2Bft4PefEbyOoUFoEQ%2FeOv72i%2FF2BBHU9d5L2nsnFAZ0Ky%2BC1do%2By1ryUA5nJWgyGMWJnuMvT9BMjG98HHn8SsjPH8NV8gn9xjFLHKsxwOXBVDqnV9JG3ZB4XaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 653dc7cd2eaf05e9-FRA

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

1ea65d375220d8848d9c2fb5d4d71dc983c4c49dd9a41fb12c0015700cccc70d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 11:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3774
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner_page_bnr.jpg
www.acurax.com/wp-content/themes/acuraxsite/images/ 196 KB
197 KB 43ms
12ms Image
image/jpeg 2606:4700:3031::ac43:bec8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acurax.com/wp-content/themes/acuraxsite/images/inner_page_bnr.jpg?x26444
Requested by: Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bec8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.15.2
Resource Hash: b56639f961ddf92015f3ae11874d8904357db685de87a3c2cae9f6e9d9b34fc9

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2752416
x-powered-by: W3 Total Cache/0.15.2
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 201128
cf-request-id: 0a3a7b344d00004e6e34a24000000001
pragma: public
referrer-policy
last-modified: Wed, 07 Sep 2016 11:45:14 GMT
server: cloudflare
etag: "311a8-53be972438680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7xucMLVXQCA0SMBlM%2B1R9jgUSTNiVCLVSLKBhnbFfK81o9AohMEjiqaT2GZnzTB4DQLQ7xtdpWg%2BImbNCjw5ZHfYrGYUApJ2Nw8mLCcvPT1zG9HRbndXE9ORRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 653dc7cd499e4e6e-FRA
expires: Thu, 21 Apr 2022 14:26:49 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 29ms
20ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://googleailesi.googleailesi.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617, 617, 617
age: 281386
cdn-cachedat: 2021-05-20 05:51:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 0a3a7b343800004ec730867000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0f7714f3985eca4e403389e7476a85f9
accept-ranges: bytes
cf-ray: 653dc7cd2c034ec7-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 315ms
6ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1028
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 23 May 2021 11:43:18 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 6 KB
2 KB 316ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b37d03c574d95e24f8387f4deefbf6e029db61e815b9616f28cab50fd846c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 648
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2158
x-xss-protection: 0
last-modified: Thu, 20 May 2021 17:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 23 May 2021 11:49:38 GMT

GET
H2 200 classic.js Show response
widgets.amung.us/ 12 KB
7 KB 320ms
15ms Script
application/x-javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 May 2021 17:48:53 GMT
server: cloudflare
age: 3386
etag: W/"60903785-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 653dc7cf5b7c05e4-FRA
cf-request-id: 0a3a7b359c000005e4ccbfa000000001
expires: Mon, 24 May 2021 10:04:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2950431853480179&plah=googleailesi.googleailesi.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 May 2021 11:00:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 5888 10 KB
5 KB 111ms
22ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleailesi.googleailesi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleailesi.googleailesi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 23 May 2021 10:40:50 GMT
expires: Sun, 06 Jun 2021 10:40:50 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 1176
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
89 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 16:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65369
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 May 2022 16:50:57 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 25 B
141 B 332ms
107ms Script
text/javascript 67.202.94.93
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=stalk&t=%7C%20Stalker%20Twitter%20%7C&c=c&x=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&y=&a=0&d=0.334&v=27&r=7761
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.93 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 62f66cb0ad52080acd7a5d9f80bdb6c8d405c3e2384120c8a0b647428d17dc67

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 11:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=googleailesi.googleailesi.com

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 11:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
644 B 93ms
34ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=googleailesi.googleailesi.com&callback=_gfp_s_&client=ca-pub-2950431853480179

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2950431853480179&plah=googleailesi.googleailesi.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ba9eb9e9f1bc0cb957c1e5ed219816198e1e59919eb4e18814f0a52e88cacea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 39ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=googleailesi.googleailesi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 40ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=googleailesi.googleailesi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EED9 0
188 B 94ms
87ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&adk=1812271804&adf=3025194257&lmt=1621767626&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626140&bpp=3&bdt=422&idt=77&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6784501550472&frm=20&pv=2&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2950431853480179&output=html&adk=1812271804&adf=3025194257&lmt=1621767626&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626140&bpp=3&bdt=422&idt=77&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6784501550472&frm=20&pv=2&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleailesi.googleailesi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleailesi.googleailesi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 23 May 2021 11:00:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-May-2021 11:15:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 11:00:26 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597303326658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sun, 23 May 2021 11:00:26 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7870 67 KB
23 KB 941ms
940ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ce0ba36d2d52e5ab6d7fa6443dd6109753fecc025638395f763f150e3d61842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleailesi.googleailesi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleailesi.googleailesi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 May 2021 11:00:27 GMT
server: cafe
content-length: 23297
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-May-2021 11:15:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 11:00:27 GMT
cache-control: private

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 27ms
6ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:38:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1317
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Mon, 23 May 2022 10:38:29 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
998 B 28ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: googleailesi.googleailesi.com
URL: https://googleailesi.googleailesi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:49:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 25871
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Mon, 23 May 2022 03:49:15 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 27ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:47:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 760
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Mon, 23 May 2022 10:47:46 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DCF 70 KB
23 KB 713ms
713ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1019621752&adk=4047384972&adf=2148264751&pi=t.ma~as.1019621752&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626147&bpp=1&bdt=428&idt=141&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uIQfBKDaHG&p=https%3A//googleailesi.googleailesi.com&dtd=145

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64fcd58ce837a052b5afb5e48951ebb0829efabc78d92bc967185006fb8be89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1019621752&adk=4047384972&adf=2148264751&pi=t.ma~as.1019621752&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626147&bpp=1&bdt=428&idt=141&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uIQfBKDaHG&p=https%3A//googleailesi.googleailesi.com&dtd=145
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleailesi.googleailesi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleailesi.googleailesi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 May 2021 11:00:26 GMT
server: cafe
content-length: 23351
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-May-2021 11:15:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 11:00:26 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2D2 13 KB
6 KB 634ms
633ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=3451120304&adk=1857828314&adf=1871602609&pi=t.ma~as.3451120304&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626148&bpp=1&bdt=430&idt=154&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C640x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0pb3Y5ddSG&p=https%3A//googleailesi.googleailesi.com&dtd=161

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cfd1eb5ff7d79c95ddb44d9da14c01870b3b5d915678d71db4bdac1948b42ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=3451120304&adk=1857828314&adf=1871602609&pi=t.ma~as.3451120304&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626148&bpp=1&bdt=430&idt=154&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C640x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0pb3Y5ddSG&p=https%3A//googleailesi.googleailesi.com&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleailesi.googleailesi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleailesi.googleailesi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 May 2021 11:00:26 GMT
server: cafe
content-length: 5611
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-May-2021 11:15:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 11:00:26 GMT
cache-control: private

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame F97F 3 KB
962 B 18ms
17ms Script
application/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-+G7Xg0wcejx6gbbCPn3tSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-+G7Xg0wcejx6gbbCPn3tSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Sun, 23 May 2021 11:00:26 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3639 0
0 58ms
57ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMR0wyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEywFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKInpIZGSqwJMZeSXDWRxAf7pDGoAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTI5NTA0MzE4NTM0ODAxNzk&sigh=Qg0uiI1IcdY&tpd=AGWhJmv-6avUVESWgPLnlT_H-g2Nxkw9wBs0LlP3gBDl5TCSHDjJjsN-Pa8TtZg5iv2GDepq4R-c592rC5cJ4zdDzIdVZss29UOZbXgBbYUeNMu7iyP34dklntp_xt5p4KOc7if1kKfOEibgJ4sY8ocCAyTdfbB5Bl6fkylfEcZ4XnZen9SjtuHIA031uXGJXTFkf3Su4dCzoRM14Q4110MiC4XxymyfypM1nLFG7PxD2X8sctRgQFNob2QcGitt9IIQQ9m4NR4j88koyEJvGaNj4Ngk13pNCBy7rYj_YBekEVdiEBpJ7kYuisiVaI90bPxVMLbjXJz0z-SWvS7l6kTFLV6TOn76uQUYdmmCgrlVyE82DHMAp88dKkqqhLb_bXysLDZMZUVANk2uFxIBjmlyceHJwcaavOGuWuxDYZaJ4RZ-XlgHlOgwDhwd_x7PuXxYS3XeiaoYQ7DQZmTdnnZwfFZal6O4uiCC0COVaDzkBe1YACKvQZCRHHrpU8ZC5ODPY8rGUGk-Y_RdEZeJJLaT-1dH-OnKm0_juuC3ghpZ-_baDNMWAQmF-Yhxk6hYQKfXkNcfGfDUeb7mKZvtQ1QVSgYLm45dOoracQCu8OF05H--t1XtfIN_TjZfUU_jykvlK4idboDt-HmgKk_Mp-KoT5lXkuuebZ9s9X9sbFwKp6dGOBrl-m0GMtM9LelPOHErjSfDZwmxwoT8kl1RRa7GmrmbR5GMA9uL37TStmhd6E8y8w7DwVBk3jBkmeWKaljRpU0c-IqZJqbBVvSDpXQJ3xnhqctlM0t6rRl16N2FJCEdEMU0FjTPP_J5ae5q_juc7ZPhFzvuUp0qroy-JRqdtMnP5fX9TBWlfEtJyANnc9ydP2zCTqSwDU2GuuDOyvxutNL1bYVLTrzGjeXorj6kxvt4Ne3LReWrXJcon03o_uw3S1kML-UMZW1FAYh0D3afcD1krxhACYe6RNNz-S4RzTYu1gn5hdIKslEUZLwBsQ84wLR8pks7VIQA-tdxA7b_GkY6QN_Df26g-Zk3_EZyyY4ZI1b8

Requested by

Host: t.co
URL: https://t.co/5SozQzKPHL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=3451120304&adk=1857828314&adf=1871602609&pi=t.ma~as.3451120304&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626148&bpp=1&bdt=430&idt=154&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C640x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0pb3Y5ddSG&p=https%3A//googleailesi.googleailesi.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 23 May 2021 11:00:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 May 2021 11:00:26 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3639 2 KB
2 KB 149ms
43ms Script
application/x-javascript 185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRVMk1tVTNORFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2OTY4MDYwMjI5MzY4NDU5MjIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5UE4wUjVjYVRpbG51SG1MV0VpdDVwTS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNjk2ODA2MDIyOTM2ODQ1OTIyL3pyaC8wLzE4OC81NC85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMTc2NzYyNi8xNjIxNzgwMjI2LzQvcHViLTI5NTA0MzE4NTM0ODAxNzkv/cn_x0QpeeW5Dt7vOW4TGR-XLlNI&nodeid=2630&group=eu&auctionid=2696806022936845922&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.231&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%26client%3Dca-pub-2950431853480179%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=3451120304&adk=1857828314&adf=1871602609&pi=t.ma~as.3451120304&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626148&bpp=1&bdt=430&idt=154&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C640x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0pb3Y5ddSG&p=https%3A//googleailesi.googleailesi.com&dtd=161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.199.0 /
Resource Hash: c51ad69c2abf7241e89073a025f964b951314d386c97ab32b07738a8c49e4a26

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 11:00:23 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1621767626
Last-Modified: Sun, 23 May 2021 11:00:26 GMT
Server: MMBD/3.199.0
x-mm-latency: 1 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x25, zrh-bidder-x144
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sun, 23 May 2021 11:00:22 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 3639 2 KB
1 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=3451120304&adk=1857828314&adf=1871602609&pi=t.ma~as.3451120304&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626148&bpp=1&bdt=430&idt=154&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C640x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0pb3Y5ddSG&p=https%3A//googleailesi.googleailesi.com&dtd=161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:56:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3639 119 KB
36 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597309435250"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37145
x-xss-protection: 0
expires: Sun, 23 May 2021 11:00:26 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 3639 13 KB
6 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:57:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2DCF 3 KB
674 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1019621752&adk=4047384972&adf=2148264751&pi=t.ma~as.1019621752&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626147&bpp=1&bdt=428&idt=141&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uIQfBKDaHG&p=https%3A//googleailesi.googleailesi.com&dtd=145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 23 May 2021 09:16:38 GMT
server: ESF
date: Sun, 23 May 2021 11:00:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 May 2021 11:00:27 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2DCF 1 KB
909 B 34ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:57:03 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 2DCF 17 KB
7 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:56:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2DCF 2 KB
1 KB 31ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:56:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DCF 119 KB
36 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597309435250"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37145
x-xss-protection: 0
expires: Sun, 23 May 2021 11:00:27 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2DCF 13 KB
6 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:57:40 GMT

GET
H2 200 6bd41964be010df5460da51c4a6824b5.js Show response
www.gstatic.com/mysidia/ Frame 2DCF 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6bd41964be010df5460da51c4a6824b5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 00:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:40:54 GMT
server: sffe
age: 36598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10390
x-xss-protection: 0
expires: Sat, 21 Aug 2021 00:50:29 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2913005642503592394/ Frame 2DCF 26 KB
26 KB 25ms
8ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2913005642503592394/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b41edf9d1c0f426b707e4b95c3cf1b60c52c552668a5326541cf87c01e1d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 01:34:32 GMT
x-content-type-options: nosniff
age: 293155
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26361
x-xss-protection: 0
last-modified: Tue, 26 Mar 2019 15:34:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 01:34:32 GMT

GET
DATA 200
OK truncated
/ Frame 2DCF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2DCF 0
0 57ms
56ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIwceyjWqYLaUFZbm6wShiLTIAoDv1YNS_aOKsLQL2dkeEAEg4bbTemCVAqABl5DhvwPIAQmoAwHIA8sEqgTSAU_Q22Tn95_I0F4sCHzMPb_sb0DePZ18EOIvz95gwrf5gFpIwp9TMVnXnP0jHFC23-NKOpuFGbcuPqgWtrU161cB8TMjfButNKVebrb5cqVbgC0RqU__1zxjRcxLgXSA5PDDMVCHGj9LAn95le-6DtoOo5GkdJlhQaf42rNGBlzenB_n_YcptVPOPSnhoVd02UaOqi-glScZRNTMZdwK8M3ilSe1UdQTi8BS8wUQM0YlYRTlV7L6hbraFCa7VkkdES4ABEu_j8FNbsCWaPqawMd_ZcAElYf_j1iSBQQIBBgBkgUECAUYBKAGLoAHlaXbR6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDvtzPSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQC0BUBgBcBshcaChgIABIUcHViLTI5NTA0MzE4NTM0ODAxNzk&sigh=oTyy13Qe2KM&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1019621752&adk=4047384972&adf=2148264751&pi=t.ma~as.1019621752&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626147&bpp=1&bdt=428&idt=141&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=724&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=uIQfBKDaHG&p=https%3A//googleailesi.googleailesi.com&dtd=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 23 May 2021 11:00:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK h78o6ojw9z7r Show response
hal9000.redintelligence.net/zone/ Frame 3639 11 KB
4 KB 139ms
31ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=2696806022936845922&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2696806022936845922%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_cid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%2526client%253Dca-pub-2950431853480179%2526adurl%253D%26redirect%3D
Requested by: Host: t.co
URL: https://t.co/5SozQzKPHL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0f079c602a480f0f3e928d1b8652823ef860dc7fad8f9054401a98f2a4c748f0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 11:00:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3397
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3639 49 B
330 B 150ms
44ms Image
image/gif 185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2696806022936845922&node_id=2630&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRVMk1tVTNORFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2OTY4MDYwMjI5MzY4NDU5MjIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5UE4wUjVjYVRpbG51SG1MV0VpdDVwTS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNjk2ODA2MDIyOTM2ODQ1OTIyL3pyaC8wLzE4OC81NC85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMTc2NzYyNi8xNjIxNzgwMjI2LzQvcHViLTI5NTA0MzE4NTM0ODAxNzkv/cn_x0QpeeW5Dt7vOW4TGR-XLlNI&nodeid=2630&group=eu&auctionid=2696806022936845922&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.231&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%26client%3Dca-pub-2950431853480179%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.199.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 11:00:23 GMT
Server: MMBD/3.199.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x75, zrh-bidder-x144
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 23 May 2021 11:00:22 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3639 43 B
360 B 147ms
43ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2696806022936845922&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRVMk1tVTNORFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2OTY4MDYwMjI5MzY4NDU5MjIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5UE4wUjVjYVRpbG51SG1MV0VpdDVwTS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNjk2ODA2MDIyOTM2ODQ1OTIyL3pyaC8wLzE4OC81NC85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMTc2NzYyNi8xNjIxNzgwMjI2LzQvcHViLTI5NTA0MzE4NTM0ODAxNzkv/cn_x0QpeeW5Dt7vOW4TGR-XLlNI&nodeid=2630&group=eu&auctionid=2696806022936845922&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.231&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%26client%3Dca-pub-2950431853480179%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3736 915c305 master cdg-pixel-x29 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 11:00:27 GMT
Server: MT3 3736 915c305 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 23 May 2021 11:02:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3639 49 B
330 B 152ms
47ms Image
image/gif 185.29.133.52
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2696806022936845922&st=4562306&time=1621767627&nodeid=2630
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRVMk1tVTNORFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2OTY4MDYwMjI5MzY4NDU5MjIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5UE4wUjVjYVRpbG51SG1MV0VpdDVwTS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNjk2ODA2MDIyOTM2ODQ1OTIyL3pyaC8wLzE4OC81NC85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMTc2NzYyNi8xNjIxNzgwMjI2LzQvcHViLTI5NTA0MzE4NTM0ODAxNzkv/cn_x0QpeeW5Dt7vOW4TGR-XLlNI&nodeid=2630&group=eu&auctionid=2696806022936845922&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.231&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%26client%3Dca-pub-2950431853480179%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.199.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 11:00:23 GMT
Server: MMBD/3.199.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x65, zrh-bidder-x144
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 23 May 2021 11:00:22 GMT

GET
DATA 200
OK truncated
/ Frame 2DCF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6453f970469c7cb7dcf8f8fa67aa2b4fa750c859498759a6bbfd996e8418e237

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2DCF 21 KB
22 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 293305
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 20 May 2022 01:32:02 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2DCF 21 KB
21 KB 41ms
23ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 293336
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 20 May 2022 01:31:31 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7870 3 KB
578 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 23 May 2021 09:16:38 GMT
server: ESF
date: Sun, 23 May 2021 11:00:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 May 2021 11:00:27 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 7870 1 KB
909 B 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:57:03 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 7870 17 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:56:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 7870 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:56:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7870 119 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597309435250"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37145
x-xss-protection: 0
expires: Sun, 23 May 2021 11:00:27 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 7870 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 10:57:40 GMT

GET
H3-29 200 6bd41964be010df5460da51c4a6824b5.js Show response
www.gstatic.com/mysidia/ Frame 7870 25 KB
10 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6bd41964be010df5460da51c4a6824b5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 00:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:40:54 GMT
server: sffe
age: 36598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10390
x-xss-protection: 0
expires: Sat, 21 Aug 2021 00:50:29 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7870 0
0 58ms
56ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYwpJyjWqYLe9EYK66gTh0amgAfHp37hivaz54eIMuJHMtt4JEAEg4bbTemCVAqAB_9uKyAPIAQGoAwHIA8sEqgTOAU_QY14nh2s9FNpkjf-CGh54om0OBjVE6lkix8MJO3jP73yPiC3-mtOZsA8WnfB_NQEAGJm3exYtDD7SPTczzna3VJliHdMpUMU7YW1fdN1uXsKVk549HTSLaPrRMOQLB09nHbBI5_NM96JSokVT-HCMYN2lq0c6bZGad2vi70Aq8Zssg9_Ohmszvx7JrKYchA0GdLX4_1qona006J5RJLR1466jSK6kYeruXXdWalD0y0ES3glMu9wsq5moLgrZiX1oQlgN3HwdMbxFYN-WwATz1873wgOSBQQIBBgBkgUECAUYBIAH8O6sogKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ77p00ggJCIDhgBAQARgfgAoByAsB2BMNiBQC0BUBgBcBshcaChgIABIUcHViLTI5NTA0MzE4NTM0ODAxNzk&sigh=rowGfzMP_Bs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 23 May 2021 11:00:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 08DE 14 KB
6 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 1313
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Mon, 23 May 2022 10:38:34 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A9F2 143 B
163 B 25ms
25ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnIaIictrpBrrQiwy9-vP9ManAmuTawIYjFHkfIompFmlNwvYO-gENqoiXn6qw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 23 May 2021 10:07:31 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3176
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal900010.redintelligence.net/ Frame 3639
Redirect Chain

https://hal900010.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f46ee1c812&subid=&uid=a3749cdd8b1aefbf&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900010.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f46ee1c812&subid=&uid=a3749cdd8b1aefbf&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

154ms
94ms

Script
application/x-javascript

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f46ee1c812&subid=&uid=a3749cdd8b1aefbf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2696806022936845922%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_cid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%2526client%253Dca-pub-2950431853480179%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2950431853480179%26output%3Dhtml%26h%3D280%26slotname%3D3451120304%26adk%3D1857828314%26adf%3D1871602609%26pi%3Dt.ma~as.3451120304%26w%3D640%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1621767626%26rafmt%3D1%26psa%3D0%26format%3D640x280%26url%3Dhttps%253A%252F%252Fgoogleailesi.googleailesi.com%252F%2523S%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1621767626148%26bpp%3D1%26bdt%3D430%26idt%3D154%26shv%3Dr20210517%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C640x280%26nras%3D1%26correlator%3D6784501550472%26frm%3D20%26pv%3D1%26ga_vid%3D1092889925.1621767626%26ga_sid%3D1621767626%26ga_hid%3D1819568128%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D480%26ady%3D1830%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060048%252C44743203%252C44743003%26oid%3D3%26pvsid%3D2844725952091320%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Cm%257CpeEbr%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3D0pb3Y5ddSG%26p%3Dhttps%253A%2F%2Fgoogleailesi.googleailesi.com%26dtd%3D161&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgoogleailesi.googleailesi.com&random=4751961457440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=3451120304&adk=1857828314&adf=1871602609&pi=t.ma~as.3451120304&w=640&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626148&bpp=1&bdt=430&idt=154&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C640x280&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0pb3Y5ddSG&p=https%3A//googleailesi.googleailesi.com&dtd=161
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3a8daabd0a78c2863aec87909ef0bc8cfd5806942ce30a7387048f9bdca36508

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 May 2021 11:00:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 62012800078023100951407011603010
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Sun, 23 May 2021 12:00:27 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 23 May 2021 11:00:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f46ee1c812&subid=&uid=a3749cdd8b1aefbf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2696806022936845922%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_cid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%2526client%253Dca-pub-2950431853480179%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2950431853480179%26output%3Dhtml%26h%3D280%26slotname%3D3451120304%26adk%3D1857828314%26adf%3D1871602609%26pi%3Dt.ma~as.3451120304%26w%3D640%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1621767626%26rafmt%3D1%26psa%3D0%26format%3D640x280%26url%3Dhttps%253A%252F%252Fgoogleailesi.googleailesi.com%252F%2523S%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1621767626148%26bpp%3D1%26bdt%3D430%26idt%3D154%26shv%3Dr20210517%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C640x280%26nras%3D1%26correlator%3D6784501550472%26frm%3D20%26pv%3D1%26ga_vid%3D1092889925.1621767626%26ga_sid%3D1621767626%26ga_hid%3D1819568128%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D480%26ady%3D1830%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060048%252C44743203%252C44743003%26oid%3D3%26pvsid%3D2844725952091320%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Cm%257CpeEbr%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3D0pb3Y5ddSG%26p%3Dhttps%253A%2F%2Fgoogleailesi.googleailesi.com%26dtd%3D161&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgoogleailesi.googleailesi.com&random=4751961457440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 23 May 2021 12:00:27 +0200

GET
DATA 200
OK truncated
/ Frame 7870 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d3a3be477a42fc64cae1e400726869910dcb3d4b657c15b493b91f6400a30de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7870 21 KB
21 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 293305
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 20 May 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7870 21 KB
21 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 293336
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 20 May 2022 01:31:31 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A9F2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

65ms
60ms

Document
text/html

2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnIaIictrpBrrQiwy9-vP9ManAmuTawIYjFHkfIompFmlNwvYO-gENqoiXn6qw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 23 May 2021 11:00:27 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 23-May-2021 12:00:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 11:00:27 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 23 May 2021 11:00:27 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F59 14 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2950431853480179&output=html&h=280&slotname=1267361357&adk=2444736631&adf=3469062329&pi=t.ma~as.1267361357&w=1200&fwrn=4&fwrnh=100&lmt=1621767626&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fgoogleailesi.googleailesi.com%2F%23S&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621767626144&bpp=3&bdt=426&idt=96&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6784501550472&frm=20&pv=1&ga_vid=1092889925.1621767626&ga_sid=1621767626&ga_hid=1819568128&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44743203%2C44743003&oid=3&pvsid=2844725952091320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=81Wa4D6z4u&p=https%3A//googleailesi.googleailesi.com&dtd=103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 1313
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Mon, 23 May 2022 10:38:34 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900010.redintelligence.net/ Frame F560 3 KB
2 KB 94ms
30ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request_content.php?s=62012800078023100951407011603010&a=123f9e02
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=f46ee1c812&subid=&uid=a3749cdd8b1aefbf&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2696806022936845922%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_cid%3D684060aa-35cb-4201-8ac8-ba492ff3ecc6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCsheMyjWqYIOrFc3Q6wSxooTgBs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjk1MDQzMTg1MzQ4MDE3OcgBCagDAaoEzgFP0CrE8jpM9zmbdVbGLk6dRiU9qw9ZxvoGPUpvXPKauurXigM54AGJpJT43-R6JvGKuU5nLn7bfmKKd55TJXIoOPAOTNOyc0iKc-QNpTNTYAc9WD82SmghfsYiaGmLLrtRzIUwckyGuHURnWggFuzoXG1J4gjaJyVoBomiGPLxgZrSPbl_hSc23txlmbqOR3GKapsYIEJk2TOeLvmxPBV4D02opPpebc_H_Ig6_pHexJVhGeIyTpsKIjhKafYGUDce9IGL8sQA0EpeDiZBX4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2_ArhCpyo0CyEh1_eSMud05MeBFg%2526client%253Dca-pub-2950431853480179%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2950431853480179%26output%3Dhtml%26h%3D280%26slotname%3D3451120304%26adk%3D1857828314%26adf%3D1871602609%26pi%3Dt.ma~as.3451120304%26w%3D640%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1621767626%26rafmt%3D1%26psa%3D0%26format%3D640x280%26url%3Dhttps%253A%252F%252Fgoogleailesi.googleailesi.com%252F%2523S%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1621767626148%26bpp%3D1%26bdt%3D430%26idt%3D154%26shv%3Dr20210517%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C640x280%26nras%3D1%26correlator%3D6784501550472%26frm%3D20%26pv%3D1%26ga_vid%3D1092889925.1621767626%26ga_sid%3D1621767626%26ga_hid%3D1819568128%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D480%26ady%3D1830%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060048%252C44743203%252C44743003%26oid%3D3%26pvsid%3D2844725952091320%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Cm%257CpeEbr%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3D0pb3Y5ddSG%26p%3Dhttps%253A%2F%2Fgoogleailesi.googleailesi.com%26dtd%3D161&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgoogleailesi.googleailesi.com&random=4751961457440&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 16d086c68781ae074eb529e2537055729394e888ccc0f66015cfc8905807c300

Request headers

Host: hal900010.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=feb4df4b5fb9d7d5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sun, 23 May 2021 11:00:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 23 May 2021 12:00:27 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1222
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3639 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8c778770a491a5d49515e20fa9f62e6aab8fe82194f1689c67cd7bd404cfeb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame F560 77 KB
77 KB 141ms
44ms Image
image/gif 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=62012800078023100951407011603010&a=123f9e02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 11:00:28 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:51 GMT
Server: nginx
ETag: "5b55f217-1348d"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 78989

GET
H/1.1 200
OK viewability Show response
hal900010.redintelligence.net/ Frame F560 0
150 B 101ms
34ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/viewability?s=62012800078023100951407011603010&a=620c876c&vb=m
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=62012800078023100951407011603010&a=123f9e02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900010.redintelligence.net/request_content.php?s=62012800078023100951407011603010&a=123f9e02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 11:00:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame F560 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
17ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b25a19729944d3b0246254533af6ad43af6eca5f862df5b5ec6bbea93297a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 11:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7726
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 11:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 23 May 2021 11:00:28 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8F97 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleailesi.googleailesi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleailesi.googleailesi.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 23 May 2021 09:40:19 GMT
expires: Mon, 23 May 2022 09:40:19 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4809
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8E82 783 B
533 B 24ms
23ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26a9f8961cf8d2749d8ba1434bf53c4b3cef969037f9c99dd05c223ffc55bc60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IM6vAUh/+WbxGcZAb5Ik3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleailesi.googleailesi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleailesi.googleailesi.com/

Response headers

expires: Sun, 23 May 2021 11:00:28 GMT
date: Sun, 23 May 2021 11:00:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-IM6vAUh/+WbxGcZAb5Ik3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F97 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 1314
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Mon, 23 May 2022 10:38:34 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2844725952091320&bg=!rq2lrenNAAZ7hX_Ue4U7ACkAdvg8WgpXZkR1Zvz4UDVPbROjNeNYb7uAWRhF9RxCs7g7giJUmwZUJAIAAABXUgAAAAtoAQeZAknsHPyvuP1jBtIirPvWA_LW-dMxkmFx9eaNw4ss-M81_sfdOuS1TWb3Dkx_cr6EH6qIz-D_Hwg4HWB2ZYv2h2xRURuY4-WmivnQYGB9EvePCI7r-LMySyL8aCw8MfQAHjb9qm0g2gkGgvLrt-g2TCgKNIDV20k2W_YxYVSpl0RObkUN_lQ8eGIZwivjPwihllIBCLIwAdI362Is6JJd8Mh-z1bHpCk-Rt0d6BWquopp0C2dthUXNm3GSAwnovwIuGHdLPqAYlDW1CFOAoVKEjUevibg3QiZJ6YZLbLpwafFEqJns3rLtBT4ma4Z-xFpj8IZmqX_ranKGI4fU5DxZHL_uFzG5Vm8lBy2-HIaH8uqwOHjf7uV_q7o0WQDxpKsoB_ZT1Hg1TLG68HmXpFQjY99tesucGDZq92eTW47H2v7jMbjPy7Bw0y_UYs5CBO80hxLPPfEFFmRR3fabsoMbbAt7sXQYLHzOTWhdtG-2DwW7A_MmQHL-UP8vTZucW_PhqhyrYDgOyMM8Z5kB_Sq77YnVHool_P-1fujrRfOXl_2PTq6eicENcQhaEiBcfdQ7hSVDkysMCOF6gM_qqgJ66Nh2z4fm75r8cYG5N-8t_18GnAZt9inhOHcO2utosBTer0F2X9ViHM8hKlc9jsKBo2w5lB3_iLOOIGBgqPeP-jXBPpQXu5FiKvbhhR-T0pxueKZDDOby3kAwl4MpvUG7Nkcxlve_TNXjgBw3E8xXnvEmO_j_RoPbT6MPHFDFvO23mrAZAGkVx3ht6w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleailesi.googleailesi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 11:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DCF 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvdGwQBD9ZDJae7pWRZilb8ytI78QVNyJ8-Iyr6Jy2I4xkG4gmzsgX2uDcQe_Ay-EK8-YIEFsCz-ji5g5HCyoXFtrh83ia8DcNV4T74NDUZfVd4LA_SN0f4s3gZg&sai=AMfl-YRwONnIyYk7dz-A5Nx_2fAiZJAmJq6UC8Opi2JANpU0WUTT_xGByCY3pH8_xlKRjyan-02WYil3-P_2&sig=Cg0ArKJSzABqeJDicjBYEAE&id=lidar2&mcvt=1004&p=724,480,1004,1120&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4047384972&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621767626294&dlt=719&rpt=44&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 11:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7870 42 B
64 B 29ms
16ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaDcpWX8bh9PPJN9VBSi8LhxnGL-KkXHsmY1SbS58Kcos8UWHgNjESr5HV47_gns6akwxEa0nO8HzQ9SEbxOVYzsrRDuj9LR43SUi_QPx031dZpHTX087ZLN8IMw&sai=AMfl-YR6xJ5OBKnIiSYYcemg5NyvL3oe0StwP_SGK7c7wCI0NBnHW4BVjAx9xPP2Wksa5mY3BS2yHosv5HDI&sig=Cg0ArKJSzBwZWipBiDl5EAE&id=lidar2&mcvt=1002&p=174,200,454,1400&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2444736631&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621767626252&dlt=1031&rpt=81&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 11:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 20:39:03	Name: 8lcfmzhxc8d6_uid Value: feb4df4b5fb9d7d5
.doubleclick.net/	1970-01-19 18:29:31	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 18:29:28	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 03:51:03	Name: IDE Value: AHWqTUnIaIictrpBrrQiwy9-vP9ManAmuTawIYjFHkfIompFmlNwvYO-gENqoiXn6qw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bit.ly
business.instagram.com
cdn.contentspread.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleailesi.googleailesi.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hangouts.google.com
l.instagram.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
stackpath.bootstrapcdn.com
t.co
tags.mathtag.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
whos.amung.us
widgets.amung.us
www.acurax.com
www.bartinkizogrenciyurdu.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.244.42.69
138.201.63.145
138.201.63.149
142.250.186.162
185.29.133.52
2.18.233.201
2606:4700:10::ac43:88d
2606:4700:3031::ac43:bec8
2606:4700:3037::6815:3f28
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400d:804::2002
2a03:2880:f164:81:face:b00c:0:25de
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f264:ca:face:b00c:0:43fe
45.147.197.70
67.199.248.10
67.202.94.93
88.99.69.161
00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b
03c95581c28064117f1345d168d9745fbf86c2f693fa2ac977b93adf8786477e
0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869
0f079c602a480f0f3e928d1b8652823ef860dc7fad8f9054401a98f2a4c748f0
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
16d086c68781ae074eb529e2537055729394e888ccc0f66015cfc8905807c300
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ad04250a24ed370311534c1c1be84a8d0a02cecdf41d4b2987e16f1ec8948e9
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1cfd1eb5ff7d79c95ddb44d9da14c01870b3b5d915678d71db4bdac1948b42ba
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1ea65d375220d8848d9c2fb5d4d71dc983c4c49dd9a41fb12c0015700cccc70d
1f37d8ee493ed1db48a625a8f5b6b4411e0e801061acfc48478d829c6749b231
20cf34e76416b24bbbb5bb07ec5fed026139318168a11f8ba17f0848bdb41667
26a9f8961cf8d2749d8ba1434bf53c4b3cef969037f9c99dd05c223ffc55bc60
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3a8daabd0a78c2863aec87909ef0bc8cfd5806942ce30a7387048f9bdca36508
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b37d03c574d95e24f8387f4deefbf6e029db61e815b9616f28cab50fd846c9d
4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5dea54a9da45ed843da8e3e6131994d2a179eade467146f4eb289326eca66bc7
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
62f66cb0ad52080acd7a5d9f80bdb6c8d405c3e2384120c8a0b647428d17dc67
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6453f970469c7cb7dcf8f8fa67aa2b4fa750c859498759a6bbfd996e8418e237
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6d3a3be477a42fc64cae1e400726869910dcb3d4b657c15b493b91f6400a30de
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7ce0ba36d2d52e5ab6d7fa6443dd6109753fecc025638395f763f150e3d61842
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
923d7029dd9a8fefcd56fed9248e9f76ef118838bbc3782415539b7c396dfb40
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
94b41edf9d1c0f426b707e4b95c3cf1b60c52c552668a5326541cf87c01e1d55
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64fcd58ce837a052b5afb5e48951ebb0829efabc78d92bc967185006fb8be89
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56639f961ddf92015f3ae11874d8904357db685de87a3c2cae9f6e9d9b34fc9
ba9eb9e9f1bc0cb957c1e5ed219816198e1e59919eb4e18814f0a52e88cacea2
c51ad69c2abf7241e89073a025f964b951314d386c97ab32b07738a8c49e4a26
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b25a19729944d3b0246254533af6ad43af6eca5f862df5b5ec6bbea93297a6
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f8c778770a491a5d49515e20fa9f62e6aab8fe82194f1689c67cd7bd404cfeb1

googleailesi.googleailesi.com Open in urlscan Pro 2606:4700:3037::6815:3f28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

79 Requests

99 %HTTPS

67 %IPv6

20 Domains

31 Subdomains

26 IPs

5 Countries

1117 kBTransfer

2247 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

googleailesi.googleailesi.com Open in urlscan Pro
2606:4700:3037::6815:3f28 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

67 %
IPv6

20
Domains

31
Subdomains

26
IPs

5
Countries

1117 kB
Transfer

2247 kB
Size

4
Cookies

79 HTTP transactions
5 data transactions