Submitted URL: http://system-rescue.org/
Effective URL: https://system-rescue.org/
Submission Tags: tranco_l324
Submission: On November 05 via api from DE — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 58 HTTP transactions. The main IP is 13.226.145.13, located in United States and belongs to AMAZON-02, US. The main domain is system-rescue.org.
TLS certificate: Issued by Amazon on July 24th 2021. Valid for: a year.
This is the only time system-rescue.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
17 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 pagead2.googlesyndication.com system-rescue.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 system-rescue.org 1 redirects system-rescue.org
4 www.google.com 3 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com system-rescue.org
58 11
Subject Issuer Validity Valid
www.system-rescue.org
Amazon
2021-07-24 -
2022-08-22
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.de
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh

This page contains 14 frames:

Primary Page: https://system-rescue.org/
Frame ID: 7EAEA00317ADB734A7B0D41A895BD453
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html
Frame ID: D1D74D016A7BFF6460D00CD28DA28928
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&adk=1812271804&adf=3025194257&lmt=1624174404&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsystem-rescue.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391937&bpp=2&bdt=130&idt=61&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4005341026692&frm=20&pv=2&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=76
Frame ID: C03DF3558A36BDA28DF3BB46034EAFC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Frame ID: 781D0644187E259E3E3A12159DE08F86
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Frame ID: 6B5782396F00B00EE2BAE012B9641720
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Frame ID: B9A7C00FEB82B89CB0D915E22AB034CA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7FE9F1335A5514C89771B2D8A493FBE4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E308C5FCB1E0644E6C3774290B85DDC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BBF915703871BEF6871A23E3928C1AA3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: F3F47C953057FF4ED053A8B8D7AA49BE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 96F572626BC9640CF2A80C5671F2F1DF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 43BC737B713B1EE8830F13B28F7050A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FAE8BD0A0664E952D86861C993DCAD21
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A776506704AA5087A8EC07E5862C2AB
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

SystemRescue - System Rescue Homepage

Page URL History Show full URLs

  1. http://system-rescue.org/ HTTP 301
    https://system-rescue.org/ Page URL

Page Statistics

58
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

802 kB
Transfer

1790 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://system-rescue.org/ HTTP 301
    https://system-rescue.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 45
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 48
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
system-rescue.org/
Redirect Chain
  • http://system-rescue.org/
  • https://system-rescue.org/
13 KB
4 KB
Document
General
Full URL
https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb7a5317366639a289f7bd4be82ddd086ddd6702d56a4d3942a8dfa738ff65bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
x-amz-meta-mtime
1624174401.784
last-modified
Sun, 20 Jun 2021 07:33:24 GMT
server
AmazonS3
content-encoding
gzip
date
Fri, 05 Nov 2021 06:06:31 GMT
etag
W/"b82689e213606ee9d82afc17d0c98f6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
8k-XhvOHxxMwjX0LocHSo8UZaU3z45XriR-5EBhJ8WFUKu8XfpOF4g==

Redirect headers

Server
CloudFront
Date
Fri, 05 Nov 2021 06:06:31 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://system-rescue.org/
X-Cache
Redirect from cloudfront
Via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
5Mnwa3n1Qa31tCJxIOsL_o4Ex5Bsjm0-dFkqmkgOcQ7W7VirLLZSYw==
system-rescue.css
system-rescue.org/
2 KB
1 KB
Stylesheet
General
Full URL
https://system-rescue.org/system-rescue.css
Requested by
Host: system-rescue.org
URL: https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c62e959c70407420a6b64c8f1909b09e01ead5e0ae4264e7264dc1aafe3ff27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 07:07:05 GMT
content-encoding
gzip
last-modified
Sun, 13 Sep 2020 05:38:32 GMT
server
AmazonS3
age
82767
etag
W/"846623aea8ca2e774807067e55d38b9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Kp8sMqmni0ZkMsnsikxvE49CsoS7QTJ53M4MSDUEmwfysnUAbxt2aA==
x-amz-meta-mtime
1548874864
cookieconsent.min.css
system-rescue.org/
5 KB
2 KB
Stylesheet
General
Full URL
https://system-rescue.org/cookieconsent.min.css
Requested by
Host: system-rescue.org
URL: https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 07:15:29 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 21:41:02 GMT
server
AmazonS3
age
82263
etag
W/"acf82ee47549fdc386d02768992a49ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
JQlZT8y3YSZV4wAcgUpG05_yM5_GsA02gC4iVsnd2jPQ3zMhSRp4QQ==
x-amz-meta-mtime
1605562853.422920294
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: system-rescue.org
URL: https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5d9765ce13d84740891e7705feba9166fad5c85b1d2ecb90369fce6bd87a3fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51390
x-xss-protection
0
server
cafe
etag
5176728775652758131
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Nov 2021 06:06:31 GMT
js
www.googletagmanager.com/gtag/
142 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ENCYFR0M3T
Requested by
Host: system-rescue.org
URL: https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e63bccfde15618b8912215af43d96d475e21a23516e81463dfe10804ea77d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54387
x-xss-protection
0
expires
Fri, 05 Nov 2021 06:06:31 GMT
logo.png
system-rescue.org/images/
10 KB
10 KB
Image
General
Full URL
https://system-rescue.org/images/logo.png
Requested by
Host: system-rescue.org
URL: https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e35b54dfa0d7e8e3028d38a0764a48d36f688a2b35e2a095a80f443ab9e230f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 07:00:12 GMT
via
1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
last-modified
Sat, 12 Sep 2020 14:49:22 GMT
server
AmazonS3
age
83180
etag
"15ebdf546e65e24157dcf4d68265c6b0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
DUS51-C1
content-length
10144
x-amz-cf-id
i00CIUq7LuRGQjCeS6-vpepTxra7vf7eEmkDFNoEtyfetTd3fK9luw==
x-amz-meta-mtime
1599922054.075
cookieconsent.min.js
system-rescue.org/
20 KB
7 KB
Script
General
Full URL
https://system-rescue.org/cookieconsent.min.js
Requested by
Host: system-rescue.org
URL: https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:31 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 21:41:02 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
W/"4a48532bf0b17c058b8b6854f49de23f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-id
Pk5IUuipZ577vDf_eS0EmndfAyfpzaf37E4drvW4HIb3gMwHBJsF2w==
x-amz-meta-mtime
1605562853.422920294
collect
www.google-analytics.com/g/
0
339 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ENCYFR0M3T&gtm=2oeb31&_p=596108957&sr=1600x1200&ul=en-us&cid=1229521039.1636092392&_s=1&dl=https%3A%2F%2Fsystem-rescue.org%2F&dt=SystemRescue%20-%20System%20Rescue%20Homepage&sid=1636092391&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ENCYFR0M3T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://system-rescue.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Nov 2021 06:06:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://system-rescue.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/
268 KB
96 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
943d7089035380c9c75246a529c5d600f5c4539e851b00c0fee24e41084c7a77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98224
x-xss-protection
0
server
cafe
etag
3727064253802357579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Nov 2021 06:06:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/ Frame D1D7
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 05 Nov 2021 04:01:46 GMT
expires
Fri, 19 Nov 2021 04:01:46 GMT
content-type
text/html; charset=UTF-8
etag
4894049669965931928
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4757
x-xss-protection
0
age
7485
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
207 B
642 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=system-rescue.org&callback=_gfp_s_&client=ca-pub-2142191452590845
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
d4197f85b580aa99166a6ca1c2ffb9a3029e347d73dbd646cbfb5d7c635a9215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=system-rescue.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Nov 2021 06:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=system-rescue.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Nov 2021 06:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsystem-rescue.org%2F&tn=DIV&cls=cc-window%20cc-banner%20cc-type-info%20cc-theme-block%20cc-bottom%20cc-color-override-688238583%20&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: system-rescue.org
URL: https://system-rescue.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Nov 2021 06:06:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C03D
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&adk=1812271804&adf=3025194257&lmt=1624174404&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsystem-rescue.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391937&bpp=2&bdt=130&idt=61&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4005341026692&frm=20&pv=2&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=76
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Nov 2021 06:06:32 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 781D
70 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06354534a84b5aa0af838855a03109673547519de5233ecdc669ccaaf708d782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
26472
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Nov 2021 06:06:32 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6B57
81 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b59e1941a03fa89e2403d0e0ce5527a41d15ac4667a115a4c04bef6a6ef4a9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
28684
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Nov 2021 06:06:32 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B9A7
69 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcb9f640fce15974a611a17edbeeda9b4825cd4125da3f9caeffac1b5fdac7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
26336
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Nov 2021 06:06:32 GMT
cache-control
private
12182053527074319661
tpc.googlesyndication.com/simgad/ Frame B9A7
57 KB
58 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12182053527074319661?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPCfKKsBI2S7kRTzr4gym45fgsHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d74480ed4b693a108434c56427a7be2bb8e535b8eee8ccae4425b063efe689a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:18:14 GMT
x-content-type-options
nosniff
age
258498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58793
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 03:30:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 02 Nov 2022 06:18:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame B9A7
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 05:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:48:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B9A7
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 06:01:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B9A7
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 Nov 2021 06:06:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B9A7
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 05:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:34:05 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B9A7
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 17:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11538
x-xss-protection
0
server
cafe
etag
16299297374704173702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 17:30:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B9A7
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cwnsj6MmEYeD7A6CB9u8P8faD4Amx24WjZsnK_v_4DtnZHhABINi9rn5glbqsgrQHoAGA14W4AcgBAqgDAcgDyQSqBM8BT9CaD4vopcONAHa4LnnBdxiZE4ceJWtPz6cNwM1qIEiX6Me-N36c7yceBResWC2mGdJxC5mSbFsE1-jK3FcXoJ9rYAbZZrwXQxWHFdesTAk52sJlecDLrOHlIDMu9gx3ZtuPtCgSXhX6Bu262bgxhCSobMn4bh5XCglA6Zk03M4kIxDx7tRlkHRiA0Q2jnYldAJWqqMx0_w2PFgL-jpq-Jd0gUFx0JABxQHGIPjKoqB4j0RoYWOF2FLRrXXAlA184TsWdbCeSB1xr_aXOs8WwASltbvV1gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH-IKG1QKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQg7RE0ggJCIDhgBAQARhfgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTIxNDIxOTE0NTI1OTA4NDUYAA&sigh=xRDxI9Y8TNk&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Nov 2021 06:06:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Nov 2021 06:06:32 GMT
2388409394774617895
tpc.googlesyndication.com/daca_images/simgad/ Frame 6B57
104 KB
105 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2388409394774617895
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ddfbad28752ea127cc9eec8881a059af0bd39f23b20c12b157c5dd4e306331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:00:51 GMT
x-content-type-options
nosniff
age
309941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106856
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 11:14:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 01 Nov 2022 16:00:51 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 6B57
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 05:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:48:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6B57
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 06:01:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B57
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 Nov 2021 06:06:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6B57
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 05:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:34:05 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6B57
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CC7286MmEYbHdA8nE7_UPyKqsyAex24WjZvHK_v_4DtnZHhABINi9rn5glbqsgrQHoAGA14W4AcgBAqgDAcgDyQSqBMoBT9DHPq8A6r9RiIpOzdtOBYl2rlINPZ226nDO2dKd-TQCcU_-fM0jeD0Vw4KHryAICEalvwkcY-LBdCiomyfV7JGwWilaxvKfVj-_pnYg8QIT7mn8Lmghgg93qFFPNxadTC5iaYSn_IkU3zd34K_yjJkR8GlK5RId_thY7kJG-T-thmtt5IjsIDP_MHqcpOPPgg9bk9V98g7m-G67k6WHWc7LgOkeeqXYwcM6aY3DXIs5WtxD6dATKL8Kk4UI1yQ3Gl09TgPw_KFVIcAEpbW71dYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_iChtUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEKWapQHSCAkIgOGAEBABGF-ACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMjE0MjE5MTQ1MjU5MDg0NRgA&sigh=kmkNLkc8TjM&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Nov 2021 06:06:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6B57
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 17:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11538
x-xss-protection
0
server
cafe
etag
16299297374704173702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 17:30:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7FE9
143 B
222 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Nov 2021 05:21:52 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3E30
143 B
198 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Nov 2021 05:21:52 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B9A7
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53dec80ec27efd1d02bb927f975c4b14decaac2307813db71162257538d18ada

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6B57
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c293873508c7b2efd6c04b16b0387438cfa2f908ce008c5bc26463373a784a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
12182053527074319661
tpc.googlesyndication.com/simgad/ Frame 781D
57 KB
58 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12182053527074319661?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPCfKKsBI2S7kRTzr4gym45fgsHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d74480ed4b693a108434c56427a7be2bb8e535b8eee8ccae4425b063efe689a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 06:18:14 GMT
x-content-type-options
nosniff
age
258498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58793
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 03:30:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 02 Nov 2022 06:18:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 781D
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 05:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:48:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 781D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 06:01:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 781D
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 Nov 2021 06:06:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 781D
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 05:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:34:05 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 781D
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 17:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11538
x-xss-protection
0
server
cafe
etag
16299297374704173702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 17:30:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 781D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbHRx6MmEYf-0A73K7_UP8KSY8Aix24WjZsnK_v_4DtnZHhABINi9rn5glbqsgrQHoAGA14W4AcgBAqgDAcgDyQSqBM8BT9AOfx7FBLO4P5Y_znpO4ucjgDOm_BpkYDu-doSdDTNwu9afIXDvTZMiykRThxBV6PisZ_vkDm2KLea4S9KORlcf-pCB1cz1yw5NP2uitMOzbvMEoG_WFwaemqkCUNCDwgZws7pyYRIGXPaCV2dTQmGRc1k51dA1cifGf3QZe4l77HbifCsoM4cnpRHkGiAzNjz_lTCRERs0-k1b2pMsxcwtoAq_xsXVZsavXjpX1i4UaAM5_34o0gdY7nm6mtGLcRH9jiU2VvQM8ltf06eqwASltbvV1gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH-IKG1QKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQudJt0ggJCIDhgBAQARhfgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTIxNDIxOTE0NTI1OTA4NDUYAA&sigh=HqPZBQNSHlw&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Nov 2021 06:06:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7FE9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
225 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Nov 2021 06:06:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame BBF9
143 B
198 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Nov 2021 05:21:52 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame F3F4
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
291423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3E30
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
225 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Nov 2021 06:06:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 96F5
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
291423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
truncated
/ Frame 781D
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d890af04dc733105ff1b4bf8ab996cfe178461c6809a46bcb677a7a34502948

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame BBF9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
167 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Nov 2021 06:06:33 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Nov 2021 06:06:33 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Nov 2021 06:06:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 43BC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
291423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71bbd97b13e77b1a9bcc45cbe90cc5548c3049922e4b69140e8e8d7829dc3084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Nov 2021 06:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9269
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 06:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 05 Nov 2021 06:06:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FAE8
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 05 Nov 2021 03:02:46 GMT
expires
Sat, 05 Nov 2022 03:02:46 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8A77
783 B
1002 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::67 Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7dad2bfabc1f7151a60e8716b5538570ae37a6bd17ac43f2fd9e03f250dfa40f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f7gH2AgIl7FQuKMDDQN16g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 05 Nov 2021 06:06:33 GMT
date
Fri, 05 Nov 2021 06:06:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-f7gH2AgIl7FQuKMDDQN16g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame FAE8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
291424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A77
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211101&jk=4117777938446586&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211101&jk=4117777938446586&bg=!qqmlqe3NAAYH3anuB907ACkAdvg8Wk8WH_EKvBM5pSYHiPm2qvqtpMwRTROU5lN6gAhub4gx-zxytwIAAABpUgAAAAhoAQcKAD3n9i9TzDzRN09yxlML-2CGVD1lIckNwD6NemFLAxEg7mRsQGA4pFHSJmN_mnp9JHJxjBuDmizA9pyG2DNTmQKq6EKaZEYWCtp6T3o0WpynVqbA4VCqnRzppFpIiTiiMS55IXl_69fmo6y5gPspBa7Azu16B9QjKnSODeSL1G1P0gNXv70Bhe6ymHREGqVoj5d89h81CW6JLA-4AKUwQludwSOLuHYbwTKQfEuZ5egDytRlTzERNOAcJxf6JX42ZDU8BPCQJF-SLhTaJsQhHM8TS1U_1LyEOXt2D9xBsEImlN44opI2DNqBNOS8e_o2pFRyi9JZbMv0OV9LC5zZFbuEQQNXsLcqu9BrPou7UEPVHJh647MagX5HxRxxdKWLjpPqI3rkZWQPQNTXqRrT7g3KveYQv6pmrVtY5-6lCg0C7iJCgFVZqbNGiiXjYxwLbi_B8ROQxvLXpYYWDdVCoASroWw3jCAL8NGzMvcFn57hxPsdH9AqYbljiOBYJ5E_nAKrZO3OXFqcJkHKUKC99fxnjNpumRaG4B8BGpbFw_ckhRl4OYDr9-kjmJNnSgatoCyaQ17hlQJulzRk9dkAzFoJSyGrTJh2Yqv0TmMatUbGO7R-nWwoBZBoUB1ZVLbDpwJnWD7H76QxxboRBhSaFN2_NC_TKZqyZnRFBnYJk3050SDPNfS4TEHlt0GpgYODj9HcvOSWmBzwaCC5s9xSOWV6IOqxXKMcQ_LQNms1SwoQAf1UPn-Wm9-1scDX1UkEpjBUDYvgibiDaoXPV-2ODVop9K9gVtfKoiC6-qH765htkG_TK3JyoolWWB4wigw5UAeBrCbmpZRRSiD05030gOtoSw063ycUHIYTARX6D7lm_vAmpxHPSHhJxHYS0eEtXL284-5RDDwpzGcNGRu3jhEL5xjX5LejTMv3WqSIid73sdrvUqbjg3jtlMGF6o8cYBMbMZrkr3vGebdE5-HQ3SCGsFwBGLfki_JY8g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://system-rescue.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B9A7
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjqdN6_9PxgjzSHvdQDv8o2tHX0wbVf3or21Wg_vmsY5y6qZkcVhZpVe89dLyn8XdFA_jswt45nSGTuYJWPWt0ArxnCCHAQ8Ue1Y9SQqCFPCaCLaGqxg&sai=AMfl-YSDR5KbcPYgG_rLAMWL9s8dNXnbkdUSUhO-s6rUeymst9YAkEWcfE6BV_x0nB88KdnQRVIsUwAhX9lv&sig=Cg0ArKJSzH1kYjSdk2peEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2544485884&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636092392047&rpt=569&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6B57
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-ItB08EnYZsgI4y4YRMbYAefi0RGVqKerJZl6ucsT4HLW7brD2PJ-8jKEbAiy63b-rrOF3N8p6Uyb3nIOpSXm-muAF1fOO7r0d26mK_HWjnFibW-qug&sai=AMfl-YQm5pUKDMb8fH6-6KJXzToCt4Ysv4BQTFBWv3Wr-8dd18YwIfbLfy2HtsEYzFBUxF81yRVTboVPQpF6&sig=Cg0ArKJSzECHWGFY74q5EAE&id=lidar2&mcvt=1000&p=0,212,200,988&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3706206991&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636092392043&rpt=630&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 781D
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc-L_yP3YxxzUqGKxxroyLpIjlzEHXFFI0cZhJZ6Z4M9z2ifXBXCEtdew2BEFcocO32l-9OZG95FANgLbH66wPFYk5vwbHuXN1Wf5VAEEthchZ2H333g&sai=AMfl-YQP7qjYpuhZ6g0DAavJ6Xr1DVgFd50t_1LNIFbFpt1XTs8ixEUu43PvuoalsmDlXelIbWggT6U61ubF&sig=Cg0ArKJSzLzAH7bavhDjEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3237442505&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636092392037&rpt=716&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer object| adsbygoogle object| cookieconsent object| google_tag_manager object| google_tag_data object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.system-rescue.org/ Name: _ga_ENCYFR0M3T
Value: GS1.1.1636092391.1.0.1636092391.0
.system-rescue.org/ Name: _ga
Value: GA1.1.1229521039.1636092392
.system-rescue.org/ Name: __gads
Value: ID=eb3bdd8b1e5a499e-22c378e22acb00c1:T=1636092392:RT=1636092392:S=ALNI_MZy0Ix4NPqmCiW9fG2JfzuEfjbc6A
.doubleclick.net/ Name: IDE
Value: AHWqTUlRIw55IzKXVyEej9lGtCIFUDTYSkWpUkCs_9a8_bLr6DD9RSFraNsY3Ae_Z80
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
system-rescue.org
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.226.145.13
172.217.18.98
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400e:801::200e
2a00:1450:4025:402::67
2a00:1450:4025:402::9b
06354534a84b5aa0af838855a03109673547519de5233ecdc669ccaaf708d782
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b59e1941a03fa89e2403d0e0ce5527a41d15ac4667a115a4c04bef6a6ef4a9d
1e63bccfde15618b8912215af43d96d475e21a23516e81463dfe10804ea77d3d
2d890af04dc733105ff1b4bf8ab996cfe178461c6809a46bcb677a7a34502948
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53dec80ec27efd1d02bb927f975c4b14decaac2307813db71162257538d18ada
5e35b54dfa0d7e8e3028d38a0764a48d36f688a2b35e2a095a80f443ab9e230f
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6d74480ed4b693a108434c56427a7be2bb8e535b8eee8ccae4425b063efe689a
71bbd97b13e77b1a9bcc45cbe90cc5548c3049922e4b69140e8e8d7829dc3084
7dad2bfabc1f7151a60e8716b5538570ae37a6bd17ac43f2fd9e03f250dfa40f
943d7089035380c9c75246a529c5d600f5c4539e851b00c0fee24e41084c7a77
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845
9c62e959c70407420a6b64c8f1909b09e01ead5e0ae4264e7264dc1aafe3ff27
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d9765ce13d84740891e7705feba9166fad5c85b1d2ecb90369fce6bd87a3fd
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
b3ddfbad28752ea127cc9eec8881a059af0bd39f23b20c12b157c5dd4e306331
cb7a5317366639a289f7bd4be82ddd086ddd6702d56a4d3942a8dfa738ff65bb
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
d3c293873508c7b2efd6c04b16b0387438cfa2f908ce008c5bc26463373a784a
d4197f85b580aa99166a6ca1c2ffb9a3029e347d73dbd646cbfb5d7c635a9215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcb9f640fce15974a611a17edbeeda9b4825cd4125da3f9caeffac1b5fdac7e3