urlscan.io logo urlscan.io
SecurityTrails logo

extract.me Open in urlscan Pro
172.67.159.133  Public Scan

Go To Rescan Add Verdict Report
URL: https://extract.me/
Submission Tags: falconsandbox
Submission: On May 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 172.67.159.133, located in United States and belongs to CLOUDFLARENET, US. The main domain is extract.me.
TLS certificate: Issued by GTS CA 1P5 on April 27th 2024. Valid for: 3 months.
This is the only time extract.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    172.67.159.133 (United States)

ASN13335 (CLOUDFLARENET, US)
extract.me
7    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::ac43:4a43 (United States)

ASN13335 (CLOUDFLARENET, US)
id.123apps.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.de
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
12 extract.me
extract.me
241 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
209 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
241 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
250 B
1 123apps.com
id.123apps.com — Cisco Umbrella Rank: 188778
875 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
89 KB
26 7
Domain Requested by
12 extract.me 1 redirects extract.me
7 pagead2.googlesyndication.com extract.me
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.de extract.me
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 id.123apps.com extract.me
1 www.googletagmanager.com extract.me
26 8
Subject Issuer Validity Valid
extract.me
GTS CA 1P5		 2024-04-27 -
2024-07-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.de
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://extract.me/
Frame ID: F2917919704E69F2E3E52EEEAAC67241
Requests: 35 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html
Frame ID: 0BA680D0B0674A432A46131275C4E935
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6018759167127521&output=html&adk=293675617&adf=814277786&abgtt=6&lmt=1715687193&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fextract.me%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715690648508&bpp=3&bdt=172&idt=178&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4052454609935&frm=20&pv=2&ga_vid=1109612651.1715690649&ga_sid=1715690649&ga_hid=2077942141&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083438%2C31083588%2C95331983%2C95331711%2C95332402%2C95332415&oid=2&pvsid=205029527616833&tmod=1602946744&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=187
Frame ID: AD3F7A8F67B1AD5BE66CA040745B259C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6018759167127521&output=html&h=90&slotname=9767265148&adk=2967011145&adf=2319119012&pi=t.ma~as.9767265148&w=1024&abgtt=6&lmt=1715687193&rafmt=12&format=1024x90&url=https%3A%2F%2Fextract.me%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715690648511&bpp=1&bdt=175&idt=188&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4052454609935&frm=20&pv=1&ga_vid=1109612651.1715690649&ga_sid=1715690649&ga_hid=2077942141&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1488&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083438%2C31083588%2C95331983%2C95331711%2C95332402%2C95332415&oid=2&pvsid=205029527616833&tmod=1602946744&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1280&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=193
Frame ID: 824FB4107775438286A4C3D9289881B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69C76588A01C24B97946D33F8D1E3209
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Archive Extractor Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

92 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

540 kB
Transfer

1718 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://extract.me/sso/attach/?callback=jQuery37105495253609777906_1715690648401&_=1715690648402 HTTP 303
  • https://id.123apps.com/attach/?broker=extractme&token=2ygrll9d2qm8wcwwgw4g4kowk0sgggks404cgccscocg4osgog&checksum=2dkg0eqtony8wcgwgogokkgkooow4k840c44k0k4sc8cw8koos&callback=jQuery37105495253609777906_1715690648401

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
extract.me/ 		74 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5f62c5098d25024dfbcccff629125c8de1529aa9adaddc93b73f732eedcbc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
3455
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
883afa57ce263637-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 12:44:08 GMT
last-modified
Tue, 14 May 2024 11:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=()
referrer-policy
origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUGrQq6gTwA1KFVWrd63LgB6frFt8DJP3TjLnC5J7k5F1iTtXFdoacRXoneauCD%2BWdMKlmqzFGuj6vS%2FxPyaTIk3Mw%2FYzs%2B28QqrYY9aTg9KZnYu%2FdfdxQT7T52f"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-html-edge-cache-status
Hit, Refreshed
unarchiver.css
extract.me/css/ 		52 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extract.me/css/unarchiver.css?78fe
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78fed2580ecf0edd3c29f2daa2a66d5860bc13a8c4c5081108f91d3f19b0d342

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 08:08:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2333
etag
W/"65aa2e0e-d03d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJSFb5yEbSlhNOj3llqUZPqRiEXk3tsw1fcUrYT7y02Zcuou6%2FoREcvMybDTnIGl6d3RQg0VKfOkj66gmOUwiCjVC4WqgIjtPaD8AKJ7MdepLjmz82xyI73nvt25"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
883afa583e9f3637-FRA
alt-svc
h3=":443"; ma=86400
app.css
extract.me/static/css/ 		175 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extract.me/static/css/app.css?b39386
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39386681e82fa08a686b43fe920a1b4465dcd3f528a083eea9f831d92f65a89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4551796
alt-svc
h3=":443"; ma=86400
content-length
26346
pragma
public
last-modified
Tue, 12 Mar 2024 07:44:07 GMT
server
cloudflare
etag
"65f007c7-66ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZXJP16KgCBOblTkSmH3KQsCLbymlQoDUvP3z3Kb1BIGptMF37rEhzrN6Ybo9gbKcwoVUGyBZWEvrwDQ3jLUdgldUtsPfnVHE0srp5aoh6huIKYwqT33033NIEX0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
883afa583ea33637-FRA
expires
Sat, 22 Mar 2025 20:20:52 GMT
shared-v3-lib.js
extract.me/static/js/ 		212 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extract.me/static/js/shared-v3-lib.js?785c46
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785c463696c62d42b6bda76499ebdced62ad377164ab1ea411878c623352533a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
470796
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 03 May 2024 09:14:05 GMT
server
cloudflare
etag
W/"6634aadd-122d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bztriQaSGfYaUkBqej9c2Q%2B1L%2FXVibSCh62kAc1LOxbjQg5KEShxuGJu55QF40V0ajOaUk2IDD%2FlImpLwv98%2FdLzMfhBbkDkXXs4J%2BlipF%2FdOXKpfVSjD8QtMlRt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
883afa583ea63637-FRA
expires
Fri, 09 May 2025 01:57:32 GMT
shared-v3-app.js
extract.me/static/js/ 		148 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extract.me/static/js/shared-v3-app.js?d0430b
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0430bf7a9cce503dd1db88fec5a68068c7db3fc6edf80c0dc80675c2fb938fa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
962749
alt-svc
h3=":443"; ma=86400
content-length
37770
pragma
public
last-modified
Fri, 03 May 2024 09:14:01 GMT
server
cloudflare
etag
"6634aad9-938a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FM57slVhfbn%2FdB9CpMf6JNDH8%2FUC3LGi5A1iVZiH6SZ4GZW9qIPlz9hZ3QEgnxHlRjYnzBleVT79Zd1POi%2BoCz9fjbSrUt82i4aWZ65aHvCxEPI%2FX30qhIK%2FgunD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
883afa583ea83637-FRA
expires
Sat, 03 May 2025 09:18:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6018759167127521
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4a36df93af5c527228dede67c5ca6a7ef05a6043c36477119d93cdb0f9371dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Origin
https://extract.me
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52213
x-xss-protection
0
server
cafe
etag
14027026834582730139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 14 May 2024 12:44:08 GMT
unarchiver.js
extract.me/js/ 		159 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extract.me/js/unarchiver.js?8896
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88962f3546abdd1ac77fb6aa44c2faf725af03b9fabb2f1f620c4addb3d08482

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 08:08:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5107
etag
W/"65aa2e0e-27d11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRJ8lwxvcVfrratVYJ3eXKbUv8GCMDShiw%2Fykl599Fvs3WP6mdS8UW5B%2BfmHJ1UdVFiBJrE64xTVwQMRGoVbsv0WgaEcuMe5OW%2Bs2ezYQYhCyK5ohmP8qap47hrD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
883afa583eac3637-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		252 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4FXT0574H0
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
632d0dd629980171e02998ee6f355a53f700ecda44171efe62dbfe674fb5d456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90554
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 12:44:08 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48111026bd4f063704977dab83fb19090ca3b7d63e8c6db836c3e8e3473826ed

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		1020 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82fa5a57e51d104b3f812abfc6b356c2d963340bd4e0b4f22b8519216f2a3f45

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		141 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf5d911d4254c47683defa6ea4f98299f62db06c44d871c251539cde310bcf8b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		285 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f42bf0d73dc7cdfc506f8b60157993d178b410b60b26a2efde66bfd9ce8c8f86

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d41ce5da445427ac3d027cb62d83ee04bfdd18221dbe2ac84c9122bfbeea1d42

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		562 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a98bf5c3ae297c2985ec32cf2b6d42107529629ba566af7fd4eb255bdde0b5a9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		678 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cecddddfe56d23cc42e89cc5b9dd2a1274bd8c70b860230cb8088006b2ae5f9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
latin.woff2
extract.me/static/fonts/rubik/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://extract.me/static/fonts/rubik/latin.woff2
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Origin
https://extract.me
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4545843
alt-svc
h3=":443"; ma=86400
content-length
33620
pragma
public
last-modified
Fri, 30 Jun 2023 13:20:50 GMT
server
cloudflare
etag
"649ed6b2-8354"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Thp33JI4oE%2FOZis9au0ztOs%2B4WPk%2BZ35ZhJ1kv4Z7n7yBwOrg1T2CE8Wh3ZtTtlG7Lv0AC3uKVX4cI4UurhAhYZA2smIMM7Yq5LS3rnT09PgUKZ1hT5Iid6c3Vj0"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
883afa586ee33637-FRA
expires
Sat, 22 Mar 2025 22:00:05 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44a7dbc14bb71480cbb595afc409bd218793169ff627be21539da281b424d49d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		674 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e5d2f8ea1c53b03d7ca3f894026b5a07b296b85e95638295a78f64dc75b56c7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		408 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c38873f9cdb76d3f9f4b50b8fd94e7c66d4cda7963530346a4d6559e2ef1fc7f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ac053307f2d81473ddb9c57fcae4f6c421b43a03b7d3611fd329908a30669d6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
id.123apps.com/attach/
Redirect Chain
  • https://extract.me/sso/attach/?callback=jQuery37105495253609777906_1715690648401&_=1715690648402
  • https://id.123apps.com/attach/?broker=extractme&token=2ygrll9d2qm8wcwwgw4g4kowk0sgggks404cgccscocg4osgog&checksum=2dkg0eqtony8wcgwgogokkgkooow4k840c44k0k4sc8cw8koos&callback=jQuery37105495253609777...
111 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.123apps.com/attach/?broker=extractme&token=2ygrll9d2qm8wcwwgw4g4kowk0sgggks404cgccscocg4osgog&checksum=2dkg0eqtony8wcgwgogokkgkooow4k840c44k0k4sc8cw8koos&callback=jQuery37105495253609777906_1715690648401
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H2
Server
2606:4700:20::ac43:4a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d203eb00cee56b218bdec8094885c2389480a21362d2a2ce8b245ccbc5ef106
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://extract.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
referrer-policy
origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J519Jsk1eJ7%2BYY8l2VRxiwl2cWn6qXEglCDET9lGQ6Q6JvTQN6hWkEI0Phi2LNL2oc39OWItCCd3wbKh8LHj6Bwa2LKVN0NPmImdub%2BHOIG4lg53v6GulZ6d484MM1iDc30FOyu%2BbiTlZhmn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, no-transform
permissions-policy
geolocation=()
x-robots-tag
noindex
cf-ray
883afa59df8abb61-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

date
Tue, 14 May 2024 12:44:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=86400
referrer-policy
origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9p8S0A1cG0j1wg3LSx2k%2F%2F%2F%2F%2FeNCnguI8HqIX1nFvb60oYyPoKgXLt0S%2BZJqvrL7%2B6KhLzoquku4tGwqGwrL%2BuD8ZjtfeTppoeo1yCO%2FAUnvEngMA5qu5DRIksl"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://id.123apps.com/attach/?broker=extractme&token=2ygrll9d2qm8wcwwgw4g4kowk0sgggks404cgccscocg4osgog&checksum=2dkg0eqtony8wcgwgogokkgkooow4k840c44k0k4sc8cw8koos&callback=jQuery37105495253609777906_1715690648401
permissions-policy
geolocation=()
x-robots-tag
noindex
cf-ray
883afa58bf3a3637-FRA
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662e6f8b00629d8a2d09a8dd99c64df6f38e5f2c584f431a7b6331d1c8b92e45

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/ 		412 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6018759167127521&plah=extract.me&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6018759167127521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c81bf59b805a87c2c8e56c98d7416fcc462667c33b90188703dcedb513bf2670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142567
x-xss-protection
0
server
cafe
etag
2872717466540407586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 May 2024 12:44:08 GMT
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4FXT0574H0&gtm=45je45d0v9124087621za200&_p=1715690648420&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1109612651.1715690649&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715690648&sct=1&seg=0&dl=https%3A%2F%2Fextract.me%2F&dt=Archive%20Extractor%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=268
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4FXT0574H0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:44:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://extract.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4FXT0574H0&cid=1109612651.1715690649&gtm=45je45d0v9124087621za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4FXT0574H0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:44:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://extract.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4FXT0574H0&cid=1109612651.1715690649&gtm=45je45d0v9124087621za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1237561587
Requested by
Host: extract.me
URL: https://extract.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/ Frame 0BA6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6018759167127521&plah=extract.me&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://extract.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
75108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 15:52:20 GMT
etag
5035419970550746386
expires
Mon, 27 May 2024 15:52:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame AD3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6018759167127521&output=html&adk=293675617&adf=814277786&abgtt=6&lmt=1715687193&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fextract.me%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715690648508&bpp=3&bdt=172&idt=178&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4052454609935&frm=20&pv=2&ga_vid=1109612651.1715690649&ga_sid=1715690649&ga_hid=2077942141&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083438%2C31083588%2C95331983%2C95331711%2C95332402%2C95332415&oid=2&pvsid=205029527616833&tmod=1602946744&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6018759167127521&plah=extract.me&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://extract.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 12:44:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 824F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6018759167127521&output=html&h=90&slotname=9767265148&adk=2967011145&adf=2319119012&pi=t.ma~as.9767265148&w=1024&abgtt=6&lmt=1715687193&rafmt=12&format=1024x90&url=https%3A%2F%2Fextract.me%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715690648511&bpp=1&bdt=175&idt=188&shv=r20240509&mjsv=m202405080101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4052454609935&frm=20&pv=1&ga_vid=1109612651.1715690649&ga_sid=1715690649&ga_hid=2077942141&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1488&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083438%2C31083588%2C95331983%2C95331711%2C95332402%2C95332415&oid=2&pvsid=205029527616833&tmod=1602946744&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1280&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=193
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6018759167127521&plah=extract.me&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://extract.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
38173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 12:44:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
extract.me/sso/verify/ 		0
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extract.me/sso/verify/
Requested by
Host: extract.me
URL: https://extract.me/static/js/shared-v3-lib.js?785c46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://extract.me/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
frame-ancestors 'self'
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BL7GLOaUKjL7kNZ1M1Qlr05gFjT%2FqYg0VqLS67H59ZzH3nYfObz%2FE%2Flr%2BX35OTyfnouyd34V%2FZ6yAE7Ekjr5gzo5x6Uq1Y%2FYDUbkDTrVCz1DYbGlkAOvJgHfiPb3"}],"group":"cf-nel","max_age":604800}
permissions-policy
geolocation=()
x-robots-tag
noindex
cf-ray
883afa5a99b43637-FRA
alt-svc
h3=":443"; ma=86400
/
extract.me/sso/api/ 		0
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extract.me/sso/api/?command=info
Requested by
Host: extract.me
URL: https://extract.me/static/js/shared-v3-lib.js?785c46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://extract.me/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
frame-ancestors 'self'
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvBQ%2BdpzDdXk7OrYNwrTA52ZRqyxdxzWU8tZhzYukwjsv%2BPrcLj9zSHhffqvnSh80ekWV6Z8hV1uPYLN9ntzRrCXJNRCBko4JNP%2FKzU45Cqggch%2B6ZGNNl5kUGp6"}],"group":"cf-nel","max_age":604800}
permissions-policy
geolocation=()
x-robots-tag
noindex
cf-ray
883afa5b4aad3637-FRA
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6018759167127521&plah=extract.me&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
712cf54aec4e9dddc34faaa11dbf8e92712ab0c4c875c424a34178d034024767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12731
x-xss-protection
0
chrome.svg
extract.me/static/i/browsers/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extract.me/static/i/browsers/chrome.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1434a8569c5158dbfc2001506a5ff0f9bfdc0c7861c9929e0dd8f05d77825c87

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4543909
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 30 Jun 2023 13:20:50 GMT
server
cloudflare
etag
W/"649ed6b2-6d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ar9KjhJKLtzLGkTNkGRdfyDCXt%2FlaOy1OvesLnbt9NyKlPDAtLGnC23b1l%2BabzARjvgcgSrAJFt9GuF51VcqTVWtvFo%2B6sd%2BPkDeJ7%2FBijDxMwFUQjINAK6t6Cnp"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
883afa5f18203637-FRA
expires
Sat, 22 Mar 2025 22:32:20 GMT
truncated
/ 		192 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2463c8dec80927e65a4abbefd313eb37ba0b7a3cd796839442d098890025c3d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
favicon.svg
extract.me/static/i/v3/ 		235 B
610 B 		Other
General
Check archive.org
Download Go to
Full URL
https://extract.me/static/i/v3/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c204ef0093fa171578c74a6a2a4f5c9c8ea7b07bb039822d30e1e3d7386aa89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4544034
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 30 Jun 2023 13:20:50 GMT
server
cloudflare
etag
W/"649ed6b2-eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGcwkN88zS80XGLy6iEoE9e422%2FRUknTL6jpL2W9%2FYQpg%2FOkvyzHTpGzw2Aaj%2F6uREEQAymhUMvSS5RcS1vvfafRZgpX4uISchjbFLh%2BZJseWW0Em1MzTkjx6zck"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
883afa5f283a3637-FRA
expires
Sat, 22 Mar 2025 22:30:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6018759167127521&plah=extract.me&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 12:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 May 2024 12:44:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 69C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://extract.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 May 2024 12:20:48 GMT
expires
Wed, 14 May 2025 12:20:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-6018759167127521&su=extract.me&eid=44759876%2C44759927%2C44759837%2C31083438%2C31083588%2C95331983%2C95331711%2C95332402%2C95332415&doc=complete&pg_h=1200&pg_w=4000&pg_hs=1200&c=1&aa_c=0&av_h=90&av_w=1024&av_a=92160&b=1024&all_b=1024&d=0.075&all_d=0.075&ard=0.019&all_ard=0.019&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://extract.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 12:44:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240509&jk=205029527616833&bg=!QUKlQg3NAAav94VWj_c7ADQBe5WfOJ56IyQitP2Bi2lemiWq2pTOPzr_J7hOCbeo4xQbHmJqICA5esFDP5sK8QY3yd-sAgAAADhSAAAAAmgBB34ANWnBJddw-crgDvjcKWxH63dD5ia1FCXTJ3yVwH-Ho4k0h1vPlbGqc8jYYvYHoXqQ8zyHNFxemQKMKPLd6CO5jjPm9wSUKntf0RmrorVQoApz90apNI4kP8VIqrhxD_D-6dNT4CFOTxumq8Mm2BYlqYfxnxxcqsNuawfQlj6p0BvyCDXnY_QXgXbTiJktnC1xBLUMpfeK27r_9CApq5gxqeoiryYbpWA7jQhGM-9tL3z5JQOqETtNFvEvBFUPbgUizP41BZ_UEDQcJhKeFV51m6ZDar7I9KOufGgOTA_IuawIMicwvPG9cchrMOhD0yevwZF7OOhEXbTBmDcmVhvvrCuUoCEl-0KgeoLPOjY3sPszAMm3ceQaYL4Evd19EkUNchxVzaHts8OWE5-0VZ2feR3BTMxsfCu_hdZtJt468JC-b-4W6QPxrA04RKIT3wgd4qpELoXbcU54XcEYRCBRb2GQSPQE9gchLcSd-OSlP0_L9A6VQbZDJPis68WJimpYAs9y9bf0hNIjIv0ZSynxEF9fgt7G9EN5QNDVJdk10ply4Y1biNsi3CVND8exYO-Mpa1X-BOMGLpiEvA1VxN0_3u_2cCcmFc0dKPnOzjg0ZveLNvIL60RgtFWHFdtDYLbAy-Y-1adXEKJSKGDOf24657RwuzsbW3d_-2l9oKIzm8F68v0lf90ZNBTp_LA72Jg07ZtuEeWR85wpxIFuC5OX90m1TmJp6mEOd5sSxOrKuZKfq0oMRMTMjSX1wJLsuvT0KVQcNZMbQ4rfJBtaR6PHcC-lzlmLpVtRsg-Z-l39tp7b4nHP2d9pJkJ3c3Y-v6rERY1BHZHQ63-26mhAgbigEwW-TAOTgzN7aBvjHW4GrDwhIlJSfLxrVxa4TkvI19od15fOpvb5GnkGGp6BC6UwTITIiq0MrlqqeA_-LFxzgKHFe2j2Q

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| k object| cf_glob object| glob object| adsbygoogle object| _ function| queue function| jQuery function| $ function| Flow object| FP function| _0x459e function| _0x3e3a function| _0x9d21f9 function| _0x4b3d69 function| _0x135b4b function| _0x23b9bd object| CloudApi object| ServerAPI function| require_feature object| MyPaddle object| Sso object| Premium function| test_mailcheck object| Form object| Usermenu object| OAuth2Login object| UserSystem object| toasts function| gtag object| dataLayer object| app object| archive object| open_progress undefined| or string| api_url object| uploaded_files function| upload_start function| Spinner object| Ladda function| fbAsyncInit string| subscription_plan_id object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
extract.me/ Name: uid
Value: R6z8FuHeN82bzYo9apVg715690648315
.extract.me/ Name: _ga_4FXT0574H0
Value: GS1.1.1715690648.1.0.1715690648.60.0.0
.extract.me/ Name: _ga
Value: GA1.1.1109612651.1715690649
extract.me/ Name: sso_token_extractme
Value: 2ygrll9d2qm8wcwwgw4g4kowk0sgggks404cgccscocg4osgog
id.123apps.com/ Name: PHPSESSID
Value: 5q0ban6kku0krmaaiihm5saqc3
extract.me/ Name: sso_verify_extractme
Value: 5rqggnpdg70gso4wc408kg0s04skggks8owwccw8k8k008oo8k
.extract.me/ Name: __eoi
Value: ID=2e7c8d95f4ef6b5e:T=1715690648:RT=1715690648:S=AA-AfjbKJRc0ezdoGz3aljwiauTY

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://extract.me/
Message:
[DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://extract.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

extract.me
id.123apps.com
pagead2.googlesyndication.com
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.de
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.185.162
142.250.186.35
172.67.159.133
2001:4860:4802:32::36
2606:4700:20::ac43:4a43
2a00:1450:4001:813::2008
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9d
1434a8569c5158dbfc2001506a5ff0f9bfdc0c7861c9929e0dd8f05d77825c87
1b5f62c5098d25024dfbcccff629125c8de1529aa9adaddc93b73f732eedcbc6
3d203eb00cee56b218bdec8094885c2389480a21362d2a2ce8b245ccbc5ef106
44a7dbc14bb71480cbb595afc409bd218793169ff627be21539da281b424d49d
48111026bd4f063704977dab83fb19090ca3b7d63e8c6db836c3e8e3473826ed
4a36df93af5c527228dede67c5ca6a7ef05a6043c36477119d93cdb0f9371dc5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632d0dd629980171e02998ee6f355a53f700ecda44171efe62dbfe674fb5d456
662e6f8b00629d8a2d09a8dd99c64df6f38e5f2c584f431a7b6331d1c8b92e45
712cf54aec4e9dddc34faaa11dbf8e92712ab0c4c875c424a34178d034024767
785c463696c62d42b6bda76499ebdced62ad377164ab1ea411878c623352533a
78fed2580ecf0edd3c29f2daa2a66d5860bc13a8c4c5081108f91d3f19b0d342
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
82fa5a57e51d104b3f812abfc6b356c2d963340bd4e0b4f22b8519216f2a3f45
88962f3546abdd1ac77fb6aa44c2faf725af03b9fabb2f1f620c4addb3d08482
8c204ef0093fa171578c74a6a2a4f5c9c8ea7b07bb039822d30e1e3d7386aa89
8cecddddfe56d23cc42e89cc5b9dd2a1274bd8c70b860230cb8088006b2ae5f9
8e5d2f8ea1c53b03d7ca3f894026b5a07b296b85e95638295a78f64dc75b56c7
9ac053307f2d81473ddb9c57fcae4f6c421b43a03b7d3611fd329908a30669d6
a98bf5c3ae297c2985ec32cf2b6d42107529629ba566af7fd4eb255bdde0b5a9
b2463c8dec80927e65a4abbefd313eb37ba0b7a3cd796839442d098890025c3d
b39386681e82fa08a686b43fe920a1b4465dcd3f528a083eea9f831d92f65a89
c38873f9cdb76d3f9f4b50b8fd94e7c66d4cda7963530346a4d6559e2ef1fc7f
c81bf59b805a87c2c8e56c98d7416fcc462667c33b90188703dcedb513bf2670
cf5d911d4254c47683defa6ea4f98299f62db06c44d871c251539cde310bcf8b
d0430bf7a9cce503dd1db88fec5a68068c7db3fc6edf80c0dc80675c2fb938fa
d41ce5da445427ac3d027cb62d83ee04bfdd18221dbe2ac84c9122bfbeea1d42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42bf0d73dc7cdfc506f8b60157993d178b410b60b26a2efde66bfd9ce8c8f86