urlscan.io logo urlscan.io
SecurityTrails logo

ad.doubleclick.net Open in urlscan Pro
142.250.184.198  Public Scan

Go To Rescan Add Verdict Report
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantse...
Submission: On December 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 142.250.184.198, located in United States and belongs to GOOGLE, US. The main domain is ad.doubleclick.net.
TLS certificate: Issued by GTS CA 1C3 on November 29th 2021. Valid for: 3 months.
This is the only time ad.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
googleads4.g.doubleclick.net
2    18.203.217.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-217-143.eu-west-1.compute.amazonaws.com
regions.demdex.net
3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
7 pagead2.googlesyndication.com ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
3 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
2 regions.demdex.net 1 redirects ad.doubleclick.net
2 googleads4.g.doubleclick.net ad.doubleclick.net
1 www.googletagservices.com ad.doubleclick.net
1 s0.2mdn.net ad.doubleclick.net
1 ad.doubleclick.net
16 7

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
Subject Issuer Validity Valid
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Frame ID: 2293E5C054B6296A60F5FCE033B665AB
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6DA3CAC0A7A802F67A401C7E09406FA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: F22283B61616EBB04521D1E33E9DAD40
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Advertisement

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

16
Requests

94 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

159 kB
Transfer

367 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://regions.demdex.net/event?d_event=imp&d_src=495453&d_bu=479255&d_campaign=25099019&d_creative=153730254&d_placement=309525109&d_site=6522305&d_adsrc=495454&d_bust=409177623 HTTP 302
  • https://regions.demdex.net/firstevent?d_event=imp&d_src=495453&d_bu=479255&d_campaign=25099019&d_creative=153730254&d_placement=309525109&d_site=6522305&d_adsrc=495454&d_bust=409177623

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request r
ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/ 		44 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
510b8eb12d429f0d0a2ee271d5d242314748a51b9e1f80da982005b3cb8a085f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 23 Dec 2021 23:06:48 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
21860
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
12016153897595148950
s0.2mdn.net/simgad/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12016153897595148950
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37860346b3d7ac5b20f98d5014aca64369fce0cd821a30625596d5110f71e46b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:28:25 GMT
x-content-type-options
nosniff
age
549503
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30365
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 18:36:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Dec 2022 14:28:25 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/xfa/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4150
x-xss-protection
0
server
cafe
etag
7197913981456707621
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 18:10:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 22:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 22:58:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 23:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 23:06:48 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsszlRaozRvUiXfnb8XeAND9Wh5AJbmw2_8Kn3mrxXsZ88xuiYpcTf2M8d41OowcQseSn5clp2WIhlR8HfckskK9hQKslbjwHpdIyYM7ufTP&sig=Cg0ArKJSzHnaIDCI82TgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20211207.43571&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 23:06:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
firstevent
regions.demdex.net/
Redirect Chain
  • https://regions.demdex.net/event?d_event=imp&d_src=495453&d_bu=479255&d_campaign=25099019&d_creative=153730254&d_placement=309525109&d_site=6522305&d_adsrc=495454&d_bust=409177623
  • https://regions.demdex.net/firstevent?d_event=imp&d_src=495453&d_bu=479255&d_campaign=25099019&d_creative=153730254&d_placement=309525109&d_site=6522305&d_adsrc=495454&d_bust=409177623
42 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regions.demdex.net/firstevent?d_event=imp&d_src=495453&d_bu=479255&d_campaign=25099019&d_creative=153730254&d_placement=309525109&d_site=6522305&d_adsrc=495454&d_bust=409177623
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
HTTP/1.1
Server
18.203.217.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-217-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v026-0bcca82b0.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
LLZ0O7UXRJo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v026-0da4e48b4.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7MxO2byFS7A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://regions.demdex.net/firstevent?d_event=imp&d_src=495453&d_bu=479255&d_campaign=25099019&d_creative=153730254&d_placement=309525109&d_site=6522305&d_adsrc=495454&d_bust=409177623
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Dec 2022 15:13:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d11b5593b0b8282d45f0ae2cb908f1ee4c86ad7e259145678bdef314bf207b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 23:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4513
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F6DA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 21 Dec 2021 15:13:54 GMT
expires
Wed, 21 Dec 2022 15:13:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
201174
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsszlRaozRvUiXfnb8XeAND9Wh5AJbmw2_8Kn3mrxXsZ88xuiYpcTf2M8d41OowcQseSn5clp2WIhlR8HfckskK9hQKslbjwHpdIyYM7ufTP&sig=Cg0ArKJSzHnaIDCI82TgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&vt=11&dtpt=113&dett=2&cstd=0&cisv=r20211207.43571&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1035034.151350QUANTCAST/B25099019.309525109;dcopt=;sz=728x90;click=https://exch.quantserve.com/r?;a=p-5c2TjSN4VvduY;labels=_qc.clk,_click.adserver.rtb,_click.rand.23636;rtbip=192.184.73.63;rtbdata2=EAw6E2h0dHBzOi8vd3d3Lm1zbi5jb21aKHNEVVlfYkExR2E2clBSRDZzelVNcWJZeVE2cXJaeFA5NHowcTNJYk6AAZOox9IEqAG1lfcEugEYWUoxZ2hhRXZTVng4c3JwQWJydXQzd0FBwAHs9ifIAdH358rLL9oBJDNmNTJkY2ZhLWM5MmQtM2ZhYy1kNGQ4LTc0ZjQwZDRhYTdmOOgBZLACCLoCBMC4ST_IAgDQAs7hhvv4n_fMqQHoApO-AfICDgjroyMQ5Om3_9um55kT8gIOCJO-ARCfjZS-gfu06jT4AgCKAwYxODM4NzWYAwCoAwCyAwSMwowjugMSCcpAANmIb3mmEUguOog5TnOmwgMSCV9JERF-2LHeEdsuGXfS1iCvyAPhi4AQ2APUuAHiAw9wLTVjMlRqU040VnZkdVnqAwUI2AUQWvIDAPgDAIAEqAOKBAQxMTc5mgQSCVFFCxYrkFT9EXGh72A_fwuRogQSCcpAANmIb3mmEUguOog5TnOmqgQSCcpAANmIb3mmEUguOog5TnOmuATQBdAEBvIEAlVTkAUB;redirecturl3=;ord=612972;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 23:06:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame F6DA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 20:59:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
7665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 20:59:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 23:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Thu, 23 Dec 2021 23:06:48 GMT
A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
pagead2.googlesyndication.com/bg/ Frame F222 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
39618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 12:06:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F6DA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUtl7CAHFYYekGtqD7_UP58GGsAUAAAAAOAHgBAI&bg=!dnWldTHNAAZKWFskSlg7ACkAdvg8WpL24dq3d8iRq51mOcSVG8s2VgI4Rs1G1z0VdvCytbLkTOIkKAIAAABkUgAAABFoAQeZArJPXzzreGj2gyVtx31aUJ8UOo9bN_3c3q04tCPe4f4wicdBvr98w7vy0VarbvLKN_DD4PDf5uILQo0bZPH4PoONT7cRfeRZ001itXc5n0ES7WjYywszKuLZrYNzuTtw2ZD9h93XG52n40Bnfdwvld5Hbki58uXj3fKFTr9Fb_jauPc6hB387yZseAgiOIykYF6TY4nkYZn-J6-1zjAAAzDxm-toSrV_tWpQybP-MVLAgsbseGJf-uW0nK4if9jk0l3cX0Dl-cTd1vlp_9RcydJAWsnc1HUBs9HKFAKZS6vV2HTUgeaJMICTxV4-lOgn_8G5g60IckmTzP9SXGf1Bzd7tCDCjmk-sLh6m_nSHm7Iocv7TE3oMz2IC_irrqXTMHZ9Z2FXySjJUdSZAwgF2ElvcPUuwo6UeiOKtyFumtZhVa2lL61YtujGiTvOoTA5EnUDwJOOd6atmWhMcdF03UWQcMAqlvWhZKnIe2E5cXvtnYcCGyEP8qK_BDr0y0_evzkgFpxawP2aJ3WTWN-H0jfXa6sWcljb-Ptt1ndpuVwzR_bgfZYp0Ayp7dMfj9AmL3yTdZlIndf4FSyPUq-FqB0moxP0q69PGt8adRq37fjBeR0DYNkLfFQkp84eRQjjMH_YqahpVPaR_1AzrcBJNTSlIbCaWHKNjj7FOcHlfOTAJ1mly0E0CQajM0qfdOQLO0HmsrVck9TyNqrswZuEAeHCWV11268gzK4I7f72RhPE9OHX_9QNMPHdomaFaXbDfVA8zA_fOgb0VErlKPc9334jlEJWCPNxhJ9ejmJi1rjT40Gp9bzZlPzkcbOqiFThDobewpzacn5RPXHDYKWmbS2Kb9yhup_EOuwx4Lkip2saHGMhs56NhnEdW7rmI0XiOVY2-zhPrRzbrmK6EFdO2yZ5w88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 23:06:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQomWTkS-8ec11kuzgNSOQWkYNRjTSrk_vGlyoUszTZCncI2-dRGaZRoB9LosIUnIhmLKr72OxIl2lfz4Dk4E&sig=Cg0ArKJSzMIsB2aLVPGgEAE&id=lidar2&mcvt=1000&p=0,0,90,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640300808367&rpt=331&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 23:06:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| stcc function| ait function| ast object| google_image_requests object| GoogleTyFxhY function| omrhp number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| GoogleA13IjpGc

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.demdex.net/ Name: demdex
Value: 06552892026975859840335818313144336877
.regions.demdex.net/ Name: regions
Value: 06552892026975859840335818313144336877

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0