system-rescue.org Open in urlscan Pro
13.226.145.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://system-rescue.org/
Effective URL:
https://system-rescue.org/
Submission Tags: tranco_l324
Submission: On November 05 via api (November 5th 2021, 6:06:36 am UTC) from DE — Scanned from DE

Summary HTTP 58 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 58 HTTP transactions. The main IP is 13.226.145.13, located in United States and belongs to AMAZON-02, US. The main domain is system-rescue.org.
TLS certificate: Issued by Amazon on July 24th 2021. Valid for: a year.

This is the only time system-rescue.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	13.226.145.13 13.226.145.13	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:801::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:402... 2a00:1450:4025:402::67	15169 (GOOGLE) (GOOGLE)
58	12

6 13.226.145.13 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-13.dus51.r.cloudfront.net

system-rescue.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4025:402::67 (Den Helder, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	523 KB
14	doubleclick.net googleads.g.doubleclick.net	87 KB
6	system-rescue.org 1 redirects system-rescue.org	25 KB
5	google.com 3 redirects adservice.google.com www.google.com	2 KB
3	googletagservices.com www.googletagservices.com	111 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	642 B
1	google-analytics.com www.google-analytics.com	339 B
1	googletagmanager.com www.googletagmanager.com	54 KB
58	9

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	system-rescue.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	system-rescue.org	1 redirects system-rescue.org
4	www.google.com	3 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	system-rescue.org
58	11

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.system-rescue.org
www.gnu.org
gparted.org
www.fsarchiver.org
www.cgsecurity.org
www.memtest86.com
gitlab.com
opensource.org

Subject Issuer	Validity	Valid
www.system-rescue.org Amazon	`2021-07-24` - `2022-08-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://system-rescue.org/
Frame ID: 7EAEA00317ADB734A7B0D41A895BD453
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html
Frame ID: D1D74D016A7BFF6460D00CD28DA28928
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&adk=1812271804&adf=3025194257&lmt=1624174404&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsystem-rescue.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391937&bpp=2&bdt=130&idt=61&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4005341026692&frm=20&pv=2&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=76
Frame ID: C03DF3558A36BDA28DF3BB46034EAFC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
Frame ID: 781D0644187E259E3E3A12159DE08F86
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
Frame ID: 6B5782396F00B00EE2BAE012B9641720
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
Frame ID: B9A7C00FEB82B89CB0D915E22AB034CA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7FE9F1335A5514C89771B2D8A493FBE4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E308C5FCB1E0644E6C3774290B85DDC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BBF915703871BEF6871A23E3928C1AA3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: F3F47C953057FF4ED053A8B8D7AA49BE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 96F572626BC9640CF2A80C5671F2F1DF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 43BC737B713B1EE8830F13B28F7050A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FAE8BD0A0664E952D86861C993DCAD21
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A776506704AA5087A8EC07E5862C2AB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SystemRescue - System Rescue Homepage

Page URL History Show full URLs

http://system-rescue.org/ HTTP 301
https://system-rescue.org/ Page URL

Page Statistics

58
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

802 kB
Transfer

1790 kB
Size

5
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/Download/
Title: Download

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/Changes-x86/
Title: ChangeLog

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/System-tools/
Title: System tools

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/Installing-SystemRescue-on-a-USB-memory-stick/
Title: Bootable USB

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/Detailed-packages-list/
Title: Package list

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/Screenshots/
Title: Screenshots

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/Modules/
Title: Modules

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/manual/Booting_SystemRescueCd/
Title: Boot options

Search URL Search Domain Scan URL

URL: https://www.system-rescue.org/manual/Installing_SystemRescue_on_the_disk/
Title: Disk install

Search URL Search Domain Scan URL

URL: http://www.gnu.org/software/parted/
Title: GNU Parted

Search URL Search Domain Scan URL

URL: http://gparted.org/
Title: GParted

Search URL Search Domain Scan URL

URL: http://www.fsarchiver.org/
Title: FSArchiver

Search URL Search Domain Scan URL

URL: http://www.gnu.org/software/ddrescue/
Title: ddrescue

Search URL Search Domain Scan URL

URL: http://www.cgsecurity.org/wiki/TestDisk
Title: Test-disk

Search URL Search Domain Scan URL

URL: https://www.memtest86.com/
Title: Memtest

Search URL Search Domain Scan URL

URL: https://gitlab.com/systemrescue/systemrescue-sources
Title: GitLab

Search URL Search Domain Scan URL

URL: https://opensource.org/licenses/GPL-3.0
Title: GPLv3

Search URL Search Domain Scan URL

URL: https://gitlab.com/systemrescue/systemrescue-sources/-/issues
Title: Bug tracker

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://system-rescue.org/ HTTP 301
https://system-rescue.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 45

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

58 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
system-rescue.org/
Redirect Chain

http://system-rescue.org/
https://system-rescue.org/

13 KB
4 KB

52ms
24ms

Document
text/html

13.226.145.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system-rescue.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-13.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb7a5317366639a289f7bd4be82ddd086ddd6702d56a4d3942a8dfa738ff65bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
x-amz-meta-mtime: 1624174401.784
last-modified: Sun, 20 Jun 2021 07:33:24 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 05 Nov 2021 06:06:31 GMT
etag: W/"b82689e213606ee9d82afc17d0c98f6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 8k-XhvOHxxMwjX0LocHSo8UZaU3z45XriR-5EBhJ8WFUKu8XfpOF4g==

Redirect headers

Server: CloudFront
Date: Fri, 05 Nov 2021 06:06:31 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://system-rescue.org/
X-Cache: Redirect from cloudfront
Via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 5Mnwa3n1Qa31tCJxIOsL_o4Ex5Bsjm0-dFkqmkgOcQ7W7VirLLZSYw==

GET
H2 200 system-rescue.css
system-rescue.org/ 2 KB
1 KB 11ms
11ms Stylesheet
text/css 13.226.145.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system-rescue.org/system-rescue.css
Requested by: Host: system-rescue.org
URL: https://system-rescue.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-13.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c62e959c70407420a6b64c8f1909b09e01ead5e0ae4264e7264dc1aafe3ff27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:07:05 GMT
content-encoding: gzip
last-modified: Sun, 13 Sep 2020 05:38:32 GMT
server: AmazonS3
age: 82767
etag: W/"846623aea8ca2e774807067e55d38b9a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Kp8sMqmni0ZkMsnsikxvE49CsoS7QTJ53M4MSDUEmwfysnUAbxt2aA==
x-amz-meta-mtime: 1548874864

GET
H2 200 cookieconsent.min.css
system-rescue.org/ 5 KB
2 KB 12ms
11ms Stylesheet
text/css 13.226.145.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system-rescue.org/cookieconsent.min.css
Requested by: Host: system-rescue.org
URL: https://system-rescue.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-13.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:15:29 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 21:41:02 GMT
server: AmazonS3
age: 82263
etag: W/"acf82ee47549fdc386d02768992a49ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JQlZT8y3YSZV4wAcgUpG05_yM5_GsA02gC4iVsnd2jPQ3zMhSRp4QQ==
x-amz-meta-mtime: 1605562853.422920294

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 70ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: system-rescue.org
URL: https://system-rescue.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5d9765ce13d84740891e7705feba9166fad5c85b1d2ecb90369fce6bd87a3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51390
x-xss-protection: 0
server: cafe
etag: 5176728775652758131
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 06:06:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 142 KB
54 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ENCYFR0M3T

Requested by

Host: system-rescue.org
URL: https://system-rescue.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e63bccfde15618b8912215af43d96d475e21a23516e81463dfe10804ea77d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54387
x-xss-protection: 0
expires: Fri, 05 Nov 2021 06:06:31 GMT

GET
H2 200 logo.png
system-rescue.org/images/ 10 KB
10 KB 12ms
12ms Image
image/png 13.226.145.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://system-rescue.org/images/logo.png
Requested by: Host: system-rescue.org
URL: https://system-rescue.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-13.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e35b54dfa0d7e8e3028d38a0764a48d36f688a2b35e2a095a80f443ab9e230f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:00:12 GMT
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
last-modified: Sat, 12 Sep 2020 14:49:22 GMT
server: AmazonS3
age: 83180
etag: "15ebdf546e65e24157dcf4d68265c6b0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
content-length: 10144
x-amz-cf-id: i00CIUq7LuRGQjCeS6-vpepTxra7vf7eEmkDFNoEtyfetTd3fK9luw==
x-amz-meta-mtime: 1599922054.075

GET
H2 200 cookieconsent.min.js Show response
system-rescue.org/ 20 KB
7 KB 16ms
16ms Script
application/javascript 13.226.145.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system-rescue.org/cookieconsent.min.js
Requested by: Host: system-rescue.org
URL: https://system-rescue.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-13.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:31 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 21:41:02 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"4a48532bf0b17c058b8b6854f49de23f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-id: Pk5IUuipZ577vDf_eS0EmndfAyfpzaf37E4drvW4HIb3gMwHBJsF2w==
x-amz-meta-mtime: 1605562853.422920294

POST
H2 204 collect
www.google-analytics.com/g/ 0
339 B 48ms
18ms Ping
text/plain 2a00:1450:400e:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ENCYFR0M3T&gtm=2oeb31&_p=596108957&sr=1600x1200&ul=en-us&cid=1229521039.1636092392&_s=1&dl=https%3A%2F%2Fsystem-rescue.org%2F&dt=SystemRescue%20-%20System%20Rescue%20Homepage&sid=1636092391&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ENCYFR0M3T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:801::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://system-rescue.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:06:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://system-rescue.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/ 268 KB
96 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

943d7089035380c9c75246a529c5d600f5c4539e851b00c0fee24e41084c7a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98224
x-xss-protection: 0
server: cafe
etag: 3727064253802357579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 06:06:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/ Frame D1D7 10 KB
5 KB 43ms
14ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Nov 2021 04:01:46 GMT
expires: Fri, 19 Nov 2021 04:01:46 GMT
content-type: text/html; charset=UTF-8
etag: 4894049669965931928
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4757
x-xss-protection: 0
age: 7485
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
642 B 51ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=system-rescue.org&callback=_gfp_s_&client=ca-pub-2142191452590845

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2142191452590845&plah=system-rescue.org&bust=31063400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

d4197f85b580aa99166a6ca1c2ffb9a3029e347d73dbd646cbfb5d7c635a9215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=system-rescue.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=system-rescue.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 40ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsystem-rescue.org%2F&tn=DIV&cls=cc-window%20cc-banner%20cc-type-info%20cc-theme-block%20cc-bottom%20cc-color-override-688238583%20&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: system-rescue.org
URL: https://system-rescue.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:06:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C03D 0
188 B 101ms
100ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&adk=1812271804&adf=3025194257&lmt=1624174404&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsystem-rescue.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391937&bpp=2&bdt=130&idt=61&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4005341026692&frm=20&pv=2&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:06:32 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 781D 70 KB
26 KB 547ms
546ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06354534a84b5aa0af838855a03109673547519de5233ecdc669ccaaf708d782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 26472
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:06:32 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B57 81 KB
28 KB 485ms
485ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b59e1941a03fa89e2403d0e0ce5527a41d15ac4667a115a4c04bef6a6ef4a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 28684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:06:32 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9A7 69 KB
26 KB 451ms
448ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb9f640fce15974a611a17edbeeda9b4825cd4125da3f9caeffac1b5fdac7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 26336
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:06:32 GMT
cache-control: private

GET
H2 200 12182053527074319661
tpc.googlesyndication.com/simgad/ Frame B9A7 57 KB
58 KB 45ms
16ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12182053527074319661?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPCfKKsBI2S7kRTzr4gym45fgsHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d74480ed4b693a108434c56427a7be2bb8e535b8eee8ccae4425b063efe689a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 06:18:14 GMT
x-content-type-options: nosniff
age: 258498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58793
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 03:30:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 06:18:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame B9A7 19 KB
8 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:48:44 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B9A7 3 KB
2 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:01:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9A7 120 KB
37 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 06:06:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B9A7 15 KB
7 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:34:05 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B9A7 27 KB
11 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11538
x-xss-protection: 0
server: cafe
etag: 16299297374704173702
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Nov 2021 17:30:28 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame B9A7 0
0 35ms
34ms Fetch
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cwnsj6MmEYeD7A6CB9u8P8faD4Amx24WjZsnK_v_4DtnZHhABINi9rn5glbqsgrQHoAGA14W4AcgBAqgDAcgDyQSqBM8BT9CaD4vopcONAHa4LnnBdxiZE4ceJWtPz6cNwM1qIEiX6Me-N36c7yceBResWC2mGdJxC5mSbFsE1-jK3FcXoJ9rYAbZZrwXQxWHFdesTAk52sJlecDLrOHlIDMu9gx3ZtuPtCgSXhX6Bu262bgxhCSobMn4bh5XCglA6Zk03M4kIxDx7tRlkHRiA0Q2jnYldAJWqqMx0_w2PFgL-jpq-Jd0gUFx0JABxQHGIPjKoqB4j0RoYWOF2FLRrXXAlA184TsWdbCeSB1xr_aXOs8WwASltbvV1gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH-IKG1QKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQg7RE0ggJCIDhgBAQARhfgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTIxNDIxOTE0NTI1OTA4NDUYAA&sigh=xRDxI9Y8TNk&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 05 Nov 2021 06:06:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Nov 2021 06:06:32 GMT

GET
H2 200 2388409394774617895
tpc.googlesyndication.com/daca_images/simgad/ Frame 6B57 104 KB
105 KB 20ms
16ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2388409394774617895

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ddfbad28752ea127cc9eec8881a059af0bd39f23b20c12b157c5dd4e306331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 16:00:51 GMT
x-content-type-options: nosniff
age: 309941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106856
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 11:14:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Nov 2022 16:00:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 6B57 19 KB
8 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:48:44 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6B57 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:01:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B57 120 KB
37 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 06:06:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6B57 15 KB
7 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:34:05 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B57 0
0 38ms
37ms Fetch
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC7286MmEYbHdA8nE7_UPyKqsyAex24WjZvHK_v_4DtnZHhABINi9rn5glbqsgrQHoAGA14W4AcgBAqgDAcgDyQSqBMoBT9DHPq8A6r9RiIpOzdtOBYl2rlINPZ226nDO2dKd-TQCcU_-fM0jeD0Vw4KHryAICEalvwkcY-LBdCiomyfV7JGwWilaxvKfVj-_pnYg8QIT7mn8Lmghgg93qFFPNxadTC5iaYSn_IkU3zd34K_yjJkR8GlK5RId_thY7kJG-T-thmtt5IjsIDP_MHqcpOPPgg9bk9V98g7m-G67k6WHWc7LgOkeeqXYwcM6aY3DXIs5WtxD6dATKL8Kk4UI1yQ3Gl09TgPw_KFVIcAEpbW71dYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_iChtUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEKWapQHSCAkIgOGAEBABGF-ACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMjE0MjE5MTQ1MjU5MDg0NRgA&sigh=kmkNLkc8TjM&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 05 Nov 2021 06:06:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6B57 27 KB
11 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11538
x-xss-protection: 0
server: cafe
etag: 16299297374704173702
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Nov 2021 17:30:28 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7FE9 143 B
222 B 16ms
15ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=1411782307&adk=2544485884&adf=1937846983&pi=t.ma~as.1411782307&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391943&bpp=1&bdt=136&idt=100&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C1200x200&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1427&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=QN1bYni20U&p=https%3A//system-rescue.org&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 05 Nov 2021 05:21:52 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E30 143 B
198 B 22ms
21ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=200&slotname=9597501883&adk=3706206991&adf=864026182&pi=t.ma~as.9597501883&w=1200&fwrn=4&lmt=1624174404&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391941&bpp=2&bdt=134&idt=98&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=198&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yrFB7UZTxm&p=https%3A//system-rescue.org&dtd=101

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 05 Nov 2021 05:21:52 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B9A7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53dec80ec27efd1d02bb927f975c4b14decaac2307813db71162257538d18ada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6B57 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3c293873508c7b2efd6c04b16b0387438cfa2f908ce008c5bc26463373a784a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 12182053527074319661
tpc.googlesyndication.com/simgad/ Frame 781D 57 KB
58 KB 9ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12182053527074319661?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPCfKKsBI2S7kRTzr4gym45fgsHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d74480ed4b693a108434c56427a7be2bb8e535b8eee8ccae4425b063efe689a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 06:18:14 GMT
x-content-type-options: nosniff
age: 258498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58793
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 03:30:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 06:18:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 781D 19 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:48:44 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 781D 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:01:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 781D 120 KB
37 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 06:06:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 781D 15 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 05:34:05 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 781D 27 KB
11 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11538
x-xss-protection: 0
server: cafe
etag: 16299297374704173702
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Nov 2021 17:30:28 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 781D 0
0 30ms
29ms Fetch
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbHRx6MmEYf-0A73K7_UP8KSY8Aix24WjZsnK_v_4DtnZHhABINi9rn5glbqsgrQHoAGA14W4AcgBAqgDAcgDyQSqBM8BT9AOfx7FBLO4P5Y_znpO4ucjgDOm_BpkYDu-doSdDTNwu9afIXDvTZMiykRThxBV6PisZ_vkDm2KLea4S9KORlcf-pCB1cz1yw5NP2uitMOzbvMEoG_WFwaemqkCUNCDwgZws7pyYRIGXPaCV2dTQmGRc1k51dA1cifGf3QZe4l77HbifCsoM4cnpRHkGiAzNjz_lTCRERs0-k1b2pMsxcwtoAq_xsXVZsavXjpX1i4UaAM5_34o0gdY7nm6mtGLcRH9jiU2VvQM8ltf06eqwASltbvV1gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH-IKG1QKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQudJt0ggJCIDhgBAQARhfgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTIxNDIxOTE0NTI1OTA4NDUYAA&sigh=HqPZBQNSHlw&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 05 Nov 2021 06:06:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7FE9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
225 B

61ms
61ms

Document
text/html

2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:06:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBF9 143 B
198 B 16ms
14ms Document
text/html 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2142191452590845&output=html&h=600&slotname=8368837230&adk=3237442505&adf=2992575332&pi=t.ma~as.8368837230&w=160&lmt=1624174404&psa=0&format=160x600&url=https%3A%2F%2Fsystem-rescue.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636092391939&bpp=2&bdt=132&idt=93&shv=r20211101&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4005341026692&frm=20&pv=1&ga_vid=1229521039.1636092392&ga_sid=1636092392&ga_hid=596108957&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=11&ady=405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063360%2C31063400%2C31063182&oid=2&pvsid=4117777938446586&pem=716&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PVqUYdpWBV&p=https%3A//system-rescue.org&dtd=97

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 05 Nov 2021 05:21:52 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame F3F4 35 KB
13 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 291423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
225 B

69ms
68ms

Document
text/html

2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:06:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 96F5 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 291423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
DATA 200
OK truncated
/ Frame 781D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d890af04dc733105ff1b4bf8ab996cfe178461c6809a46bcb677a7a34502948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBF9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

50ms
50ms

Document
text/html

2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 06:06:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Nov 2021 06:06:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 06:06:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 43BC 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 291423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 44ms
24ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211101&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71bbd97b13e77b1a9bcc45cbe90cc5548c3049922e4b69140e8e8d7829dc3084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 06:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9269
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 05 Nov 2021 06:06:33 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FAE8 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 05 Nov 2021 03:02:46 GMT
expires: Sat, 05 Nov 2022 03:02:46 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8A77 783 B
1002 B 21ms
21ms Document
text/html 2a00:1450:4025:402::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::67 Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7dad2bfabc1f7151a60e8716b5538570ae37a6bd17ac43f2fd9e03f250dfa40f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f7gH2AgIl7FQuKMDDQN16g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 05 Nov 2021 06:06:33 GMT
date: Fri, 05 Nov 2021 06:06:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-f7gH2AgIl7FQuKMDDQN16g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame FAE8 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 291424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A77 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211101&jk=4117777938446586&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211101&jk=4117777938446586&bg=!qqmlqe3NAAYH3anuB907ACkAdvg8Wk8WH_EKvBM5pSYHiPm2qvqtpMwRTROU5lN6gAhub4gx-zxytwIAAABpUgAAAAhoAQcKAD3n9i9TzDzRN09yxlML-2CGVD1lIckNwD6NemFLAxEg7mRsQGA4pFHSJmN_mnp9JHJxjBuDmizA9pyG2DNTmQKq6EKaZEYWCtp6T3o0WpynVqbA4VCqnRzppFpIiTiiMS55IXl_69fmo6y5gPspBa7Azu16B9QjKnSODeSL1G1P0gNXv70Bhe6ymHREGqVoj5d89h81CW6JLA-4AKUwQludwSOLuHYbwTKQfEuZ5egDytRlTzERNOAcJxf6JX42ZDU8BPCQJF-SLhTaJsQhHM8TS1U_1LyEOXt2D9xBsEImlN44opI2DNqBNOS8e_o2pFRyi9JZbMv0OV9LC5zZFbuEQQNXsLcqu9BrPou7UEPVHJh647MagX5HxRxxdKWLjpPqI3rkZWQPQNTXqRrT7g3KveYQv6pmrVtY5-6lCg0C7iJCgFVZqbNGiiXjYxwLbi_B8ROQxvLXpYYWDdVCoASroWw3jCAL8NGzMvcFn57hxPsdH9AqYbljiOBYJ5E_nAKrZO3OXFqcJkHKUKC99fxnjNpumRaG4B8BGpbFw_ckhRl4OYDr9-kjmJNnSgatoCyaQ17hlQJulzRk9dkAzFoJSyGrTJh2Yqv0TmMatUbGO7R-nWwoBZBoUB1ZVLbDpwJnWD7H76QxxboRBhSaFN2_NC_TKZqyZnRFBnYJk3050SDPNfS4TEHlt0GpgYODj9HcvOSWmBzwaCC5s9xSOWV6IOqxXKMcQ_LQNms1SwoQAf1UPn-Wm9-1scDX1UkEpjBUDYvgibiDaoXPV-2ODVop9K9gVtfKoiC6-qH765htkG_TK3JyoolWWB4wigw5UAeBrCbmpZRRSiD05030gOtoSw063ycUHIYTARX6D7lm_vAmpxHPSHhJxHYS0eEtXL284-5RDDwpzGcNGRu3jhEL5xjX5LejTMv3WqSIid73sdrvUqbjg3jtlMGF6o8cYBMbMZrkr3vGebdE5-HQ3SCGsFwBGLfki_JY8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://system-rescue.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B9A7 42 B
174 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjqdN6_9PxgjzSHvdQDv8o2tHX0wbVf3or21Wg_vmsY5y6qZkcVhZpVe89dLyn8XdFA_jswt45nSGTuYJWPWt0ArxnCCHAQ8Ue1Y9SQqCFPCaCLaGqxg&sai=AMfl-YSDR5KbcPYgG_rLAMWL9s8dNXnbkdUSUhO-s6rUeymst9YAkEWcfE6BV_x0nB88KdnQRVIsUwAhX9lv&sig=Cg0ArKJSzH1kYjSdk2peEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2544485884&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636092392047&rpt=569&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B57 42 B
108 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-ItB08EnYZsgI4y4YRMbYAefi0RGVqKerJZl6ucsT4HLW7brD2PJ-8jKEbAiy63b-rrOF3N8p6Uyb3nIOpSXm-muAF1fOO7r0d26mK_HWjnFibW-qug&sai=AMfl-YQm5pUKDMb8fH6-6KJXzToCt4Ysv4BQTFBWv3Wr-8dd18YwIfbLfy2HtsEYzFBUxF81yRVTboVPQpF6&sig=Cg0ArKJSzECHWGFY74q5EAE&id=lidar2&mcvt=1000&p=0,212,200,988&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3706206991&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636092392043&rpt=630&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 781D 42 B
108 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc-L_yP3YxxzUqGKxxroyLpIjlzEHXFFI0cZhJZ6Z4M9z2ifXBXCEtdew2BEFcocO32l-9OZG95FANgLbH66wPFYk5vwbHuXN1Wf5VAEEthchZ2H333g&sai=AMfl-YQP7qjYpuhZ6g0DAavJ6Xr1DVgFd50t_1LNIFbFpt1XTs8ixEUu43PvuoalsmDlXelIbWggT6U61ubF&sig=Cg0ArKJSzLzAH7bavhDjEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3237442505&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636092392037&rpt=716&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:06:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.system-rescue.org/	1970-01-20 15:59:24	Name: _ga_ENCYFR0M3T Value: GS1.1.1636092391.1.0.1636092391.0
.system-rescue.org/	1970-01-20 15:59:24	Name: _ga Value: GA1.1.1229521039.1636092392
.system-rescue.org/	1970-01-20 07:49:48	Name: __gads Value: ID=eb3bdd8b1e5a499e-22c378e22acb00c1:T=1636092392:RT=1636092392:S=ALNI_MZy0Ix4NPqmCiW9fG2JfzuEfjbc6A
.doubleclick.net/	1970-01-20 07:49:48	Name: IDE Value: AHWqTUlRIw55IzKXVyEej9lGtCIFUDTYSkWpUkCs_9a8_bLr6DD9RSFraNsY3Ae_Z80
.doubleclick.net/	1970-01-19 22:28:15	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
system-rescue.org
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.226.145.13
172.217.18.98
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400e:801::200e
2a00:1450:4025:402::67
2a00:1450:4025:402::9b
06354534a84b5aa0af838855a03109673547519de5233ecdc669ccaaf708d782
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b59e1941a03fa89e2403d0e0ce5527a41d15ac4667a115a4c04bef6a6ef4a9d
1e63bccfde15618b8912215af43d96d475e21a23516e81463dfe10804ea77d3d
2d890af04dc733105ff1b4bf8ab996cfe178461c6809a46bcb677a7a34502948
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53dec80ec27efd1d02bb927f975c4b14decaac2307813db71162257538d18ada
5e35b54dfa0d7e8e3028d38a0764a48d36f688a2b35e2a095a80f443ab9e230f
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6d74480ed4b693a108434c56427a7be2bb8e535b8eee8ccae4425b063efe689a
71bbd97b13e77b1a9bcc45cbe90cc5548c3049922e4b69140e8e8d7829dc3084
7dad2bfabc1f7151a60e8716b5538570ae37a6bd17ac43f2fd9e03f250dfa40f
943d7089035380c9c75246a529c5d600f5c4539e851b00c0fee24e41084c7a77
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845
9c62e959c70407420a6b64c8f1909b09e01ead5e0ae4264e7264dc1aafe3ff27
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d9765ce13d84740891e7705feba9166fad5c85b1d2ecb90369fce6bd87a3fd
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
b3ddfbad28752ea127cc9eec8881a059af0bd39f23b20c12b157c5dd4e306331
cb7a5317366639a289f7bd4be82ddd086ddd6702d56a4d3942a8dfa738ff65bb
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
d3c293873508c7b2efd6c04b16b0387438cfa2f908ce008c5bc26463373a784a
d4197f85b580aa99166a6ca1c2ffb9a3029e347d73dbd646cbfb5d7c635a9215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcb9f640fce15974a611a17edbeeda9b4825cd4125da3f9caeffac1b5fdac7e3

system-rescue.org Open in urlscan Pro 13.226.145.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

58 Requests

100 %HTTPS

82 %IPv6

9 Domains

11 Subdomains

12 IPs

4 Countries

802 kBTransfer

1790 kBSize

5 Cookies

20 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

system-rescue.org Open in urlscan Pro
13.226.145.13 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

802 kB
Transfer

1790 kB
Size

5
Cookies

58 HTTP transactions
3 data transactions