grammarly.99lb.net Open in urlscan Pro
220.200.129.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://grammarly.99lb.net/
Submission: On June 30 via manual (June 30th 2023, 5:10:37 am UTC) from US — Scanned from DE

Summary HTTP 94 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 10 domains to perform 94 HTTP transactions. The main IP is 220.200.129.225, located in Yinchuan, China and belongs to CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN. The main domain is grammarly.99lb.net.

This is the only time grammarly.99lb.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	220.200.129.225 220.200.129.225	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
12	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 19	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
94	15

33 220.200.129.225 (Yinchuan, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

grammarly.99lb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:a162 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	99lb.net grammarly.99lb.net	1 MB
31	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	487 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	127 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	121 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	5 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 113 mts0.google.com — Cisco Umbrella Rank: 4234 www.google.com — Cisco Umbrella Rank: 10	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7415	12 KB
2	sci-hub.shop 1 redirects img.sci-hub.shop — Cisco Umbrella Rank: 409581	3 MB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	599 B
94	10

	Domain	Requested by
33	grammarly.99lb.net	grammarly.99lb.net
19	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	grammarly.99lb.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com grammarly.99lb.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	grammarly.99lb.net googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	hm.baidu.com	grammarly.99lb.net
2	adservice.google.com	pagead2.googlesyndication.com
2	img.sci-hub.shop	1 redirects grammarly.99lb.net
1	www.google.com	tpc.googlesyndication.com
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
94	14

This site contains links to these domains. Also see Links.

Domain
check.99lb.net
wpa.qq.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://grammarly.99lb.net/
Frame ID: C2DB0FFCE92120B469B22A81D657209B
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: F47CE872CBD9482014F55B4C66340325
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9629105312034481&output=html&h=280&slotname=2694777106&adk=2196675615&adf=3740378997&pi=t.ma~as.2694777106&w=1200&fwrn=4&fwrnh=100&lmt=1686553154&rafmt=1&format=1200x280&url=http%3A%2F%2Fgrammarly.99lb.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1688101828028&bpp=16&bdt=885&idt=309&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&abxe=1&correlator=5514353919258&frm=20&pv=2&ga_vid=1320707369.1688101828&ga_sid=1688101828&ga_hid=1458051470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&oid=2&pvsid=2482358297656766&tmod=1901006544&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ENjeqE2fHA&p=http%3A//grammarly.99lb.net&dtd=330
Frame ID: B06C22BB59D460F7AC30624A2915AE62
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9629105312034481&output=html&adk=500185983&adf=369576039&lmt=1686553154&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fgrammarly.99lb.net%2F&ea=0&pra=7&wgl=1&dt=1688101828504&bpp=2&bdt=1361&idt=2&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5514353919258&frm=20&pv=1&ga_vid=1320707369.1688101828&ga_sid=1688101828&ga_hid=1458051470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&oid=2&pvsid=2482358297656766&tmod=1901006544&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=11
Frame ID: CC2E42A80E70F779E65BBA749107C90C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: A993663D6A269C5C67594B904F740796
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 17AC6838A108CFDB586D2678B2E73606
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6759586132F6D60DBC1861AB6F59426B
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: ADAF94B23902776BA38E2A3117AA32F1
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 3979682B522C1A266007526C6F6A86B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DEA84F4962F03CF1FA07C8D207E1A33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 254CBC847F62E24A7700F8CAEA8D9979
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grammarly中文网

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

63 %
HTTPS

86 %
IPv6

10
Domains

14
Subdomains

15
IPs

4
Countries

5475 kB
Transfer

8420 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://check.99lb.net/grammarly/
Title: grammarly在线检测

Search URL Search Domain Scan URL

URL: http://wpa.qq.com/msgrd?v=3&uin=2596137800&site=qq&menu=yes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

http://img.sci-hub.shop/business_short.mp4 HTTP 301
https://img.sci-hub.shop/business_short.mp4

Request Chain 79

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODaiJ_WmAEQiCcY4gkyCLNz_LxF1sIs HTTP 301
https://tpc.googlesyndication.com/simgad/7165115664506479588

94 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
grammarly.99lb.net/ 31 KB
8 KB 2371ms
209ms Document
text/html 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 688c317800abb59cd1f833b612e453c274403dcfa49e12c58906b1d270b3a64b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7933
Content-Type: text/html
Date: Mon, 12 Jun 2023 07:09:42 GMT
Etag: W/"6486c242-7d9c"
Last-Modified: Mon, 12 Jun 2023 06:59:14 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache-Lookup: Cache Hit
X-NWS-LOG-UUID: 4113763855078192033

GET
H/1.1 200
OK bootstrap.css
grammarly.99lb.net/assets/vendors/bootstrap/ 779 KB
174 KB 203ms
203ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/bootstrap/bootstrap.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: be3edfa5ad3f7a86b0afc35223059df2d00ce518792623656fc1d7a4e5c3951c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 11:32:13 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-c2ac1"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 120167269254347601
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 178241
Expires: Mon, 27 Mar 2023 23:32:13 GMT

GET
H/1.1 200
OK all.css
grammarly.99lb.net/assets/vendors/fontawesome/css/ 67 KB
12 KB 205ms
204ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/fontawesome/css/all.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 0d52b5daceb55aac268f75c8d3367d3051669cd1fca6e17f7911d30787ed2b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:28:01 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-10a93"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 6410003464869106748
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12358
Expires: Thu, 08 Jun 2023 12:28:01 GMT

GET
H/1.1 200
OK flaticon.css
grammarly.99lb.net/assets/vendors/flaticon/ 1 KB
845 B 398ms
201ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/flaticon/flaticon.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: ee01f4c052fca1d0520c535ba7662796741fb7df953fb03813fa28ea3024e715

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:28:01 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-4e0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 403960108471632611
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 421
Expires: Thu, 08 Jun 2023 12:28:01 GMT

GET
H/1.1 200
OK animate.css
grammarly.99lb.net/assets/vendors/animate-css/ 56 KB
5 KB 406ms
200ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/animate-css/animate.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:28:01 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-df07"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 16696989037337530407
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4340
Expires: Thu, 08 Jun 2023 12:28:01 GMT

GET
H/1.1 200
OK owl.carousel.min.css
grammarly.99lb.net/assets/vendors/owl/assets/ 3 KB
1 KB 425ms
214ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/owl/assets/owl.carousel.min.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 22 May 2023 08:57:20 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-d17"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 13512922131450493834
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1068
Expires: Mon, 22 May 2023 20:57:20 GMT

GET
H/1.1 200
OK owl.theme.default.min.css
grammarly.99lb.net/assets/vendors/owl/assets/ 1013 B
881 B 882ms
660ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/owl/assets/owl.theme.default.min.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 23:06:30 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-3f5"
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 3627862998187560303
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479
Expires: Thu, 30 Mar 2023 11:06:30 GMT

GET
H/1.1 200
OK style.css
grammarly.99lb.net/assets/css/ 332 KB
68 KB 450ms
225ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/css/style.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 3b8caf8b20dd49522df4715b2241de74f1360751b0452fbe0a0a4444a11bd054

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:57:05 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Fri, 06 Aug 2021 02:19:56 GMT
Server: nginx
Age: 1547137
Etag: "610c9c4c-5302a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 1684640641727339029
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68916
Expires: Fri, 02 Jun 2023 11:57:05 GMT

GET
H/1.1 200
OK responsive.css
grammarly.99lb.net/assets/css/ 20 KB
5 KB 597ms
198ms Stylesheet
text/css 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/css/responsive.css
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 4d0fd5d3550415088ab7338d3dc622b7d52662e57a11d97cc6b6be5eb267b21c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 11:32:13 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-5192"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 15973770607958471398
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4938
Expires: Mon, 27 Mar 2023 23:32:13 GMT

GET
H/1.1 200
OK grammarly_logo.svg
grammarly.99lb.net/assets/images/ 5 KB
5 KB 242ms
202ms Image
image/svg+xml 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/grammarly_logo.svg
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: b32771f24e9182ea6f2d7c397582afadd772d293418549099e02131881f4d868

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 21:07:40 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Wed, 17 Mar 2021 06:15:42 GMT
Server: nginx
Etag: "60519e8e-1254"
Content-Type: image/svg+xml
X-NWS-LOG-UUID: 4697506968509845397
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4692

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 221ms
133ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2160b1330f7b4dd76cf666b67069b171b99864d18f709da6da37cba3edc44bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49108
x-xss-protection: 0
server: cafe
etag: 12294041328886780242
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 05:10:27 GMT

GET
H/1.1 200
OK video-placeholder.png
grammarly.99lb.net/assets/images/ 134 KB
134 KB 204ms
204ms Image
image/png 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/video-placeholder.png
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: bca72ffee1b617118c7442f98f2b6a5b001ca2183d5aabd46e4cbb5a0d974109

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 05:30:04 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Wed, 17 Mar 2021 10:04:40 GMT
Server: nginx
Age: 1528685
Etag: "6051d438-21876"
Content-Type: image/png
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 4943692598100391513
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137334
Expires: Tue, 30 May 2023 05:30:04 GMT

GET
H/1.1 200
OK screen.gif
grammarly.99lb.net/assets/images/ 308 KB
309 KB 201ms
200ms Image
image/gif 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/screen.gif
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 598518d24800833845c127af2ca81859c2436e9d92712568cc17aff4ea2657d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 01:26:52 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Wed, 17 Mar 2021 09:59:16 GMT
Server: nginx
Age: 1528685
Etag: "6051d2f4-4d092"
Content-Type: image/gif
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 3586306680112956642
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 315538
Expires: Sun, 07 May 2023 01:26:52 GMT

GET
H/1.1 200
OK Jeane.png
grammarly.99lb.net/assets/images/ 6 KB
7 KB 212ms
212ms Image
image/png 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/Jeane.png
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 715c10542551d1bb0ba4823ced2906455bf5f3323b834d25fc4af87aa55d03b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:26:54 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Thu, 18 Mar 2021 06:16:20 GMT
Server: nginx
Age: 1528685
Etag: "6052f034-19fc"
Content-Type: image/png
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 3271672861459041828
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6652
Expires: Fri, 05 May 2023 01:26:54 GMT

GET
H/1.1 200
OK Tania.png
grammarly.99lb.net/assets/images/ 3 KB
3 KB 224ms
224ms Image
image/png 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/Tania.png
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 1833b9f7e4babb529720573dc68f55649c43ad6de2f0374d53dc92d82ffb61e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 23:52:04 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Thu, 18 Mar 2021 06:29:10 GMT
Server: nginx
Age: 1528685
Etag: "6052f336-a71"
Content-Type: image/png
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 10362447676488111004
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2673
Expires: Fri, 05 May 2023 23:52:04 GMT

GET
H/1.1 200
OK test-3.jpg
grammarly.99lb.net/assets/images/clients/ 36 KB
36 KB 201ms
201ms Image
image/jpeg 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/clients/test-3.jpg
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: b2b6f2328a94fb2711ddd60ccaec59086bffdf83371788f72fcf841059168d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 10 Jun 2023 14:54:49 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1528685
Etag: "5f94d59e-9074"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 11029784928048193065
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36980
Expires: Mon, 10 Jul 2023 14:54:49 GMT

GET
H/1.1 200
OK test-1.jpg
grammarly.99lb.net/assets/images/clients/ 39 KB
40 KB 201ms
201ms Image
image/jpeg 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/clients/test-1.jpg
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: a69e9b823bc3c6a9a326f18f927691722882ec22f02a6c46aa95613b4cd96ae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 09:13:27 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 331021
Etag: "5f94d59e-9d4b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 9221811858740954970
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40267
Expires: Wed, 26 Jul 2023 09:13:27 GMT

GET
H/1.1 200
OK blog1.jpg
grammarly.99lb.net/assets/images/blog/ 47 KB
47 KB 225ms
225ms Image
image/jpeg 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/blog/blog1.jpg
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 7e77239fa3ac2517a65674e4b3e98e731a8c28f1a98ff4174da0580f3170b702

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 23:52:16 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-bbaf"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 5283216211548549401
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48047
Expires: Sat, 06 May 2023 23:52:16 GMT

GET
H/1.1 200
OK blog3.jpg
grammarly.99lb.net/assets/images/blog/ 51 KB
52 KB 215ms
214ms Image
image/jpeg 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/blog/blog3.jpg
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: e50af7120a794bf408aad2dbc928a36d07d39e3e8902d529138fd8d3cda63b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Apr 2023 05:56:48 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547136
Etag: "5f94d59e-cde5"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 9508549530457110978
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52709
Expires: Mon, 01 May 2023 05:56:48 GMT

GET
H/1.1 200
OK blog2.jpg
grammarly.99lb.net/assets/images/blog/ 49 KB
49 KB 223ms
223ms Image
image/jpeg 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/blog/blog2.jpg
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: c836199727c2ba9c01f6e9b1b8c3b65f8f9f3c1710f9d8b948ab1483095cb824

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 10 Jun 2023 14:54:49 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547136
Etag: "5f94d59e-c252"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 11343756863998077111
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49746
Expires: Mon, 10 Jul 2023 14:54:49 GMT

GET
H/1.1 200
OK button_11.gif
grammarly.99lb.net/assets/images/ 3 KB
4 KB 201ms
200ms Image
image/gif 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/button_11.gif
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 8bf0c34a65b26d415deffefe27bbe423b29d990af2ab18b63d9cfa616df7ec07

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 10:26:16 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Thu, 05 Aug 2021 02:04:22 GMT
Server: nginx
Age: 1528685
Etag: "610b4726-cff"
Content-Type: image/gif
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 5895289091228482104
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3327
Expires: Fri, 28 Apr 2023 10:26:16 GMT

GET
H/1.1 200
OK jquery.js Show response
grammarly.99lb.net/assets/vendors/jquery/ 68 KB
24 KB 201ms
200ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/jquery/jquery.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: c3f2b5e1cf5eb3ef97a07cc831a3260341ba11af67763bc05ef3e9e55dba8c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 22 May 2023 08:57:20 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547136
Etag: "5f94d59e-1111f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 785450597564700150
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24070
Expires: Mon, 22 May 2023 20:57:20 GMT

GET
H/1.1 200
OK bootstrap.js Show response
grammarly.99lb.net/assets/vendors/bootstrap/ 502 KB
160 KB 213ms
213ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/bootstrap/bootstrap.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 8be6580f93f419533b8816d840f1c93d5fe16b949aec7da1c560264f5d368e23

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 07:44:27 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547136
Etag: W/"5f94d59e-7d7ea"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 10762415810012893523
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163028
Expires: Tue, 06 Jun 2023 19:44:27 GMT

GET
H/1.1 200
OK waypoint.js Show response
grammarly.99lb.net/assets/vendors/counterup/ 18 KB
4 KB 201ms
201ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/counterup/waypoint.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: ef0f9d63d5d10b79c550749ad62c1509b4b7a07ce4dc327b4b4f6d08a4ec3cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 21:18:54 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547136
Etag: "5f94d59e-48af"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 9166916403158373206
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3717
Expires: Tue, 06 Jun 2023 09:18:54 GMT

GET
H/1.1 200
OK jquery.counterup.min.js Show response
grammarly.99lb.net/assets/vendors/counterup/ 1 KB
1017 B 229ms
229ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/counterup/jquery.counterup.min.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 01 May 2023 07:21:57 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547136
Etag: "5f94d59e-42b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 16724518437367154464
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 577
Expires: Mon, 01 May 2023 19:21:57 GMT

GET
H/1.1 200
OK jquery.isotope.js Show response
grammarly.99lb.net/assets/vendors/ 124 KB
26 KB 298ms
297ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/jquery.isotope.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 6391a14f3145368584d7c741b4a7450c6e348b1970d3db57ab740a604ddd83e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 22 May 2023 08:57:20 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-1f073"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 10338594104024801528
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26589
Expires: Mon, 22 May 2023 20:57:20 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
grammarly.99lb.net/assets/vendors/owl/ 43 KB
13 KB 201ms
201ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/owl/owl.carousel.min.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 02:44:46 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: W/"5f94d59e-ad36"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 15221978152449832464
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13238
Expires: Mon, 05 Jun 2023 14:44:46 GMT

GET
H/1.1 200
OK map.js Show response
grammarly.99lb.net/assets/vendors/google-map/ 3 KB
910 B 224ms
224ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/google-map/map.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: a494ef512dcccf9bcada36df97306f6816f4e43c1bf91f3a3ad01f579b2e5df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 11:32:14 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547137
Etag: "5f94d59e-b0d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 1540001886720811936
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 471
Expires: Mon, 27 Mar 2023 23:32:14 GMT

GET
H/1.1 200
OK script.js Show response
grammarly.99lb.net/assets/js/ 4 KB
1 KB 222ms
222ms Script
application/javascript 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/js/script.js
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: ea96e4023f4da2fdbbf582cc59f1eb6f3b38f286adab9bdc98d04a5aa95f716e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 30 May 2023 13:01:20 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1547136
Etag: "5f94d59e-eaa"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
X-NWS-LOG-UUID: 18068608144565000147
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1008
Expires: Wed, 31 May 2023 01:01:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame F47C 10 KB
5 KB 127ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://grammarly.99lb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 01:38:28 GMT
etag: 12368291122986407432
expires: Fri, 14 Jul 2023 01:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK fa-solid-900.woff2
grammarly.99lb.net/assets/vendors/fontawesome/webfonts/ 73 KB
73 KB 222ms
200ms Font
font/woff2 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/assets/vendors/fontawesome/css/all.css
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer: http://grammarly.99lb.net/assets/vendors/fontawesome/css/all.css
Origin: http://grammarly.99lb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 13:35:48 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Etag: "5f94d59e-1226c"
Content-Type: font/woff2
X-NWS-LOG-UUID: 6203273547352011916
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74348

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 145ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kumbh+Sans:wght@300;400;700&family=Questrial&display=swap

Requested by

Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

780a6dde487d89147eb1bc2ff7c0b33a44f0f7b0e959b1b57360dae207d93879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 05:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 05:10:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 05:10:27 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/ 346 KB
119 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9629105312034481&plah=grammarly.99lb.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1614a881b35c90100ed2c29529cfa7148b0a4331eb46ab7834c44225be84094f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121609
x-xss-protection: 0
server: cafe
etag: 2098529983326182189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 05:10:28 GMT

GET
H/1.1 200
OK bg-2.jpg
grammarly.99lb.net/assets/images/banner/ 128 KB
129 KB 236ms
229ms Image
image/jpeg 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://grammarly.99lb.net/assets/images/banner/bg-2.jpg
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/assets/css/style.css
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: fc9512205f04d9eca951a4b5d31ffe6475134f6272a251eb8e9bffaaedd2dc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 07:59:19 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Age: 1528684
Etag: "5f94d59e-20184"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: 13911759576350317274
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131460
Expires: Thu, 06 Jul 2023 07:59:19 GMT

GET
H2 200 c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2
fonts.gstatic.com/s/kumbhsans/v20/ 30 KB
31 KB 133ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v20/c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kumbh+Sans:wght@300;400;700&family=Questrial&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dec328ab39c0f84d7ff319c4e46e2a490a7b31c5ea73f1ad1f5bb76e7d4b861d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://grammarly.99lb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 10:41:29 GMT
x-content-type-options: nosniff
age: 584939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31044
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 22:38:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 10:41:29 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 178ms
84ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kumbh+Sans:wght@300;400;700&family=Questrial&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://grammarly.99lb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 02:15:10 GMT
x-content-type-options: nosniff
age: 10518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jun 2024 02:15:10 GMT

GET
H/1.1 200
OK fa-regular-400.woff2
grammarly.99lb.net/assets/vendors/fontawesome/webfonts/ 13 KB
14 KB 319ms
199ms Font
font/woff2 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/assets/vendors/fontawesome/css/all.css
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0

Request headers

Referer: http://grammarly.99lb.net/assets/vendors/fontawesome/css/all.css
Origin: http://grammarly.99lb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 13:27:23 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Etag: "5f94d59e-3518"
Content-Type: font/woff2
X-NWS-LOG-UUID: 10557703419791880306
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13592

GET
H/1.1 200
OK fa-brands-400.woff2
grammarly.99lb.net/assets/vendors/fontawesome/webfonts/ 70 KB
71 KB 327ms
203ms Font
font/woff2 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/assets/vendors/fontawesome/css/all.css
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Referer: http://grammarly.99lb.net/assets/vendors/fontawesome/css/all.css
Origin: http://grammarly.99lb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 08:29:11 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Etag: "5f94d59e-119b0"
Content-Type: font/woff2
X-NWS-LOG-UUID: 13874067065909049138
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72112

GET
H/1.1 200
OK Flaticon.woff2
grammarly.99lb.net/assets/vendors/flaticon/ 3 KB
3 KB 384ms
212ms Font
font/woff2 220.200.129.225
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://grammarly.99lb.net/assets/vendors/flaticon/Flaticon.woff2
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/assets/vendors/flaticon/flaticon.css
Protocol: HTTP/1.1
Server: 220.200.129.225 Yinchuan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: cbaca64970fba3bfc036561dbadd825084b1484db9b95aa65dd02b3fdcb05bff

Request headers

Referer: http://grammarly.99lb.net/assets/vendors/flaticon/flaticon.css
Origin: http://grammarly.99lb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 02:18:46 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Sun, 25 Oct 2020 01:32:14 GMT
Server: nginx
Etag: "5f94d59e-ccc"
Content-Type: font/woff2
X-NWS-LOG-UUID: 13839299578829064575
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3276

GET
H2

206

business_short.mp4
img.sci-hub.shop/
Redirect Chain

http://img.sci-hub.shop/business_short.mp4
https://img.sci-hub.shop/business_short.mp4

3 MB
3 MB

769ms
685ms

Media
video/mp4

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/business_short.mp4
Requested by: Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501425a4bccac9deb6bf8bc0ed72da81d8a35b676dc62af00fa98fe4d20a7306

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:28 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Mar 2021 10:04:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6051d440-2ff222"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tC0HcUFFHz%2F9cJzOqLOCiYFTg01rKEqzLcqWlRuJ16LvjR71AxzxNbNGy%2FDk%2FlIOz3D%2F3r7LQwjZVzyjKK61KZowk7ba%2Fe6ngBm1fnhZ%2Burz348pcYCiCaimPqA63FpTFFEVwv67pN1u3fHUSM5"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-3142177/3142178
cache-control: max-age=2678400
cf-ray: 7df3e72b189e2bb9-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 3142178

Redirect headers

Date: Fri, 30 Jun 2023 05:10:28 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWqgXO2HepQbqD1ykliRgIUJmJvSi3y%2FstNnmDtv5f0AiF6dgITTwY8Q53zz3GXuQ5A3ixs0Yq7yd2TlmRjx4Tg21xkhe3aik9CIeQbBuKD8p0aiD%2B5UAtOztTjHe%2B%2BxJdnkkCC8cCY%2BguQeuRty"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/business_short.mp4
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7df3e72a295a3aa0-FRA
alt-svc: h3=":443"; ma=86400
Expires: Fri, 30 Jun 2023 06:10:28 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
599 B 136ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=grammarly.99lb.net&callback=_gfp_s_&client=ca-pub-9629105312034481

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9629105312034481&plah=grammarly.99lb.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7221b8038f303589a759d2c3729dc9061965ffdb715627f20aed9ccaffb3c255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 136ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grammarly.99lb.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B06C 140 KB
43 KB 848ms
847ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9629105312034481&output=html&h=280&slotname=2694777106&adk=2196675615&adf=3740378997&pi=t.ma~as.2694777106&w=1200&fwrn=4&fwrnh=100&lmt=1686553154&rafmt=1&format=1200x280&url=http%3A%2F%2Fgrammarly.99lb.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1688101828028&bpp=16&bdt=885&idt=309&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&abxe=1&correlator=5514353919258&frm=20&pv=2&ga_vid=1320707369.1688101828&ga_sid=1688101828&ga_hid=1458051470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&oid=2&pvsid=2482358297656766&tmod=1901006544&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ENjeqE2fHA&p=http%3A//grammarly.99lb.net&dtd=330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e195cca5e5267465811a967c8d67f558528fe142929930636dc8d0b7b10429c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://grammarly.99lb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43375
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 05:10:29 GMT
expires: Fri, 30 Jun 2023 05:10:29 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 4223ms
3360ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1d2cfe9f05d723ea8a6c5af098c8895f

Requested by

Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9f2e485ea733256947d36e98fa5de37e8940377a4f700cb6ebfb50cb25fe4352

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 05:10:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 7e15b5836d6e387e76c327467c4e9034
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11266

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC2E 281 KB
65 KB 892ms
892ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9629105312034481&output=html&adk=500185983&adf=369576039&lmt=1686553154&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fgrammarly.99lb.net%2F&ea=0&pra=7&wgl=1&dt=1688101828504&bpp=2&bdt=1361&idt=2&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5514353919258&frm=20&pv=1&ga_vid=1320707369.1688101828&ga_sid=1688101828&ga_hid=1458051470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&oid=2&pvsid=2482358297656766&tmod=1901006544&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

258a49bb013e101ebcdf797dadfd43bf865bdbdf65834b2aa2feb618225c3743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://grammarly.99lb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66254
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 05:10:29 GMT
expires: Fri, 30 Jun 2023 05:10:29 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame B06C 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9629105312034481&output=html&h=280&slotname=2694777106&adk=2196675615&adf=3740378997&pi=t.ma~as.2694777106&w=1200&fwrn=4&fwrnh=100&lmt=1686553154&rafmt=1&format=1200x280&url=http%3A%2F%2Fgrammarly.99lb.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1688101828028&bpp=16&bdt=885&idt=309&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&abxe=1&correlator=5514353919258&frm=20&pv=2&ga_vid=1320707369.1688101828&ga_sid=1688101828&ga_hid=1458051470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&oid=2&pvsid=2482358297656766&tmod=1901006544&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ENjeqE2fHA&p=http%3A//grammarly.99lb.net&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 05:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 04:45:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 05:10:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B06C 2 KB
973 B 133ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:04:27 GMT

GET
H2 400 data=kuUkGvSlJHf8iuvKtrxynSZ2_6j-ZKCzoJXtLDbHCyRNmdW5x-n4WBrASNOz-pRcJVh28yiLRNOSC0voKvhJTg
mts0.google.com/vt/ Frame B06C 0
0 135ms
48ms Image
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=kuUkGvSlJHf8iuvKtrxynSZ2_6j-ZKCzoJXtLDbHCyRNmdW5x-n4WBrASNOz-pRcJVh28yiLRNOSC0voKvhJTg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9629105312034481&output=html&h=280&slotname=2694777106&adk=2196675615&adf=3740378997&pi=t.ma~as.2694777106&w=1200&fwrn=4&fwrnh=100&lmt=1686553154&rafmt=1&format=1200x280&url=http%3A%2F%2Fgrammarly.99lb.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1688101828028&bpp=16&bdt=885&idt=309&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&abxe=1&correlator=5514353919258&frm=20&pv=2&ga_vid=1320707369.1688101828&ga_sid=1688101828&ga_hid=1458051470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&oid=2&pvsid=2482358297656766&tmod=1901006544&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ENjeqE2fHA&p=http%3A//grammarly.99lb.net&dtd=330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B06C 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B06C 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B06C 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B06C 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame B06C 23 KB
9 KB 123ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B06C 3 KB
1 KB 121ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B06C 20 KB
9 KB 115ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B06C 179 KB
57 KB 157ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 05:10:29 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame B06C 33 KB
14 KB 142ms
39ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:00 GMT

GET
DATA 200
OK truncated
/ Frame B06C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef13528ee88cdee4588d072e4e8b11172c6897d28cb64bcc8caf9f0a223dfa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/ 155 KB
53 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81ac3ce4c91fc502e75c355b586f780c833440f81fdcd1ec0d42e9b2759cd46c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53937
x-xss-protection: 0
server: cafe
etag: 8795205830959268388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 05:10:29 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B06C 33 KB
33 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 440790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 02:43:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B06C 0
23 B 86ms
86ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6TjNxGOeZPPZGMKUywWam7PIDa3m3qliyou56PcQ5-Le7fcKEAEg9MTFfWCVgoCAmAegAeip7PADyAEJqQJE4XrXqjqyPqgDAcgDywSqBOoBT9B56VIcG5veC5213jV5HZhenN-J-V3GEUq2DDv1CHANO0pT0l4ae00IYlrUghFaraBvA5OnwebzVEawRutOQRjVA368MZ0pyK4fEG2qtP3HJ1gRPly-s76JmkXZO7h4RsU5N7rk75AHhQ5evx5P6oc-T3KOlE8ohjqGwf8ENeCffH87wq9_ItTEPS014kx4Bsfd7ux91abtkbphRYGwu9j9P_PPWs1hfR8Gq9tkgfQRphMk3wdLbM_wqn35r8MxBhRezvc33PsjlPZ5jaELVAp5kFWCs4mrxvAxT-mWrmHGLEM7np2oNt5jwATJvfiX0AOSBQQIBBgBkgUECAUYBKAGLoAHgNaTD6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEI-PkALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi05NjI5MTA1MzEyMDM0NDgxGAA&sigh=1Z_FfYK7DNI&uach_m=[UACH]&cid=CAQSGwBygQiDX1IOUSaYv8x-LOwKX17neRfm5UIg5xgB&template_id=520&cbvp=2&vis=1

Requested by

Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9629105312034481&output=html&h=280&slotname=2694777106&adk=2196675615&adf=3740378997&pi=t.ma~as.2694777106&w=1200&fwrn=4&fwrnh=100&lmt=1686553154&rafmt=1&format=1200x280&url=http%3A%2F%2Fgrammarly.99lb.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1688101828028&bpp=16&bdt=885&idt=309&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&abxe=1&correlator=5514353919258&frm=20&pv=2&ga_vid=1320707369.1688101828&ga_sid=1688101828&ga_hid=1458051470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&oid=2&pvsid=2482358297656766&tmod=1901006544&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ENjeqE2fHA&p=http%3A//grammarly.99lb.net&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 05:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 05:10:29 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame A993 37 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:04:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 3058ms
3058ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grammarly.99lb.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 17AC 10 KB
4 KB 3056ms
3056ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://grammarly.99lb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 19:17:51 GMT
etag: 12368291122986407432
expires: Thu, 13 Jul 2023 19:17:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 6759 10 KB
4 KB 3065ms
3064ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://grammarly.99lb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 19:17:51 GMT
etag: 12368291122986407432
expires: Thu, 13 Jul 2023 19:17:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B06C 42 B
64 B 2278ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttpea2S6jtK7YIuxWTZedc3zuhRzcxvBjnkWlA-agqMzgc_K_1XHseCFjbdrFZMwGS296IVwvfaJThhm95EuI2VW0TfpD7T_V_CU7AegOzSiaJuhz0a-v6upW6mLmqxNH_t3HfJOJWXESn&sai=AMfl-YRw4suRxPY_ZC69z8Hf5lSDLnFD3vYUwMUynYszZKo8u4cp8l1mVlzWXThzTBtzaz0lZPWshFIsNVnS&sig=Cg0ArKJSzLjiRRROGsetEAE&cid=CAQSGwBygQiDX1IOUSaYv8x-LOwKX17neRfm5UIg5xgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2196675615&rs=2&la=1&cr=0&vs=4&r=v&rst=1688101828359&rpt=1182&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 05:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 17AC 4 KB
671 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 05:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 04:53:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 05:10:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 17AC 205 B
520 B 42ms
40ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:16:18 GMT
x-content-type-options: nosniff
age: 305654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 21:28:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 25 Jun 2024 16:16:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 17AC 604 B
696 B 42ms
41ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:35:04 GMT
x-content-type-options: nosniff
age: 146128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 21:28:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Jun 2024 12:35:04 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 17AC 20 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 19:00:42 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 383ms
383ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1147321542&si=1d2cfe9f05d723ea8a6c5af098c8895f&v=1.3.0&lv=1&sn=51303&r=0&ww=1600&u=http%3A%2F%2Fgrammarly.99lb.net%2F&tt=Grammarly%E4%B8%AD%E6%96%87%E7%BD%91

Requested by

Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 05:10:32 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 css
fonts.googleapis.com/ Frame 6759 4 KB
632 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 05:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 04:56:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 05:10:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6759 2 KB
931 B 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:04:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6759 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM3w4xGOeZMSkItKQygWroZhYpbi7m3H0oPrbxhG65NLgsgEQASD0xMV9YJWCgICYB6AB1ZT-xwPIAQapAkTheteqOrI-qAMByAMCqgTtAU_QmVCFe83vtTGm4TF4a1K5A6XbVkxlGaTg9HMhnTe7BhsbbotyvOu-xliMFVSGqdoVPyqjXaA9dcTpvI3SV4CV4FtRr2wctk1tXakYm5XdLZr0xO8L1h1USuDbqePD6YlIOeRTAtILSO7fJimic7uVo99sT6uwTuqVGhV3uX-kWDPUzvbMscGsycyNB8KkPqxiVk-sbdpsRTYpTvGukUCATdF0u29Ugp6dwVCefgJGclO5HQSRZOuxRwNtSLPcT_vCcZb8apiOngtUiqVbzNfeuLN9QBfNvgOpy-MR4YfZqw_Q1SQkCHvC5XBrBcAE6_G066oEkgUECAQYAZIFBAgFGASgBjeAB7y_qS6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQy40z0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTC4gUBNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NjI5MTA1MzEyMDM0NDgxGAA&sigh=I85vobNq5u8&uach_m=[UACH]&cid=CAQSGwBygQiDf-Uu-CCovS8fERNXaQIRorn_2OKglhgB&template_id=493

Requested by

Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 05:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 6759 23 KB
9 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6759 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6759 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6759 179 KB
56 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 05:10:32 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 6759 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:00 GMT

GET
H2 200 3854392138228555310
tpc.googlesyndication.com/gpa_images/simgad/ Frame 6759 4 KB
5 KB 54ms
53ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/3854392138228555310

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16304e2c2603abe5b8cb4b6eb4c99f4360b3f73aa3e11f4ad94f028029b3f3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:58:24 GMT
x-content-type-options: nosniff
age: 544328
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4343
x-xss-protection: 0
last-modified: Mon, 22 May 2023 01:19:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jun 2024 21:58:24 GMT

GET
H3

200

7165115664506479588
tpc.googlesyndication.com/simgad/ Frame 6759
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODaiJ_WmAEQiCcY4gkyCLNz_LxF1sIs
https://tpc.googlesyndication.com/simgad/7165115664506479588

129 KB
129 KB

40ms
40ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7165115664506479588

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fe6d420537183c8e42c9b4f1910b8fddd400f5e7c3fdd5e8b8b186803ef3ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 14:22:05 GMT
x-content-type-options: nosniff
age: 226107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132288
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 09:56:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Jun 2024 14:22:05 GMT

Redirect headers

date: Thu, 29 Jun 2023 06:34:29 GMT
x-content-type-options: nosniff
server: cafe
age: 81363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7165115664506479588
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 29 Jul 2023 06:34:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ADAF 6 KB
706 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 05:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 04:53:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 05:10:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame ADAF 2 KB
926 B 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:04:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame ADAF 23 KB
9 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame ADAF 3 KB
1 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame ADAF 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADAF 179 KB
56 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 05:10:32 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame ADAF 33 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:00 GMT

GET
DATA 200
OK truncated
/ Frame 6759 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c41388710a29139e5e4ac910b1d502a808f15d13cd36b1e8d2c248faeb5983

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3979 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: grammarly.99lb.net
URL: http://grammarly.99lb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:04:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 89ms
89ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0d385506cd22e525a7c37514b7d681b55d7496674a038a809cb372fec41612a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11393
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 05:10:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DEA 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://grammarly.99lb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:25 GMT
expires: Fri, 28 Jun 2024 07:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 254C 783 B
1 KB 141ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16540ec71f97643e62cf81f8288dd2dffac71fef4c8089329e9bfd29ca6ac1f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EE1gXeDDCCoxNZ8kk6o8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://grammarly.99lb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-EE1gXeDDCCoxNZ8kk6o8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 05:10:33 GMT
expires: Fri, 30 Jun 2023 05:10:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DEA 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:04:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 254C 0
0 74ms
74ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=2482358297656766&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1DEA 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Nb_MuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:10:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6759 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwhJTZdIXBffCj5LVkRrGyA_4d5vx-rJ_dM1akmavXVBqT4KwhrURYdhPAGObBrjNUNVQt7tkhzfjE0RGanTUZ-61lA7z5KMDlypV5E15V-lDaufAjwaDi6djb3B7cMgQDJhl9oPb95bGu&sai=AMfl-YRK7xgM2Lbws2kf14YerYQ18ky3sQKbniukhq_mTGM1yEnG2qzkTCQ__A8P4YIer9NqHa8lD_r5KqBH&sig=Cg0ArKJSzLS3J97y47l0EAE&cid=CAQSGwBygQiDf-Uu-CCovS8fERNXaQIRorn_2OKglhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=500185981&rs=2&la=0&cr=0&vs=4&r=v&rst=1688101829678&rpt=3278&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 05:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
80ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=2482358297656766&bg=!CwilCFzNAAb90kgr3dI7ADkAdvg8WkO6mqL83DFBZUr2zWoGVgvAdYCC5_Ykp1XfzRFAR2gIQZXL9RGUqMDLNC0CH-1yQGVKR34CAAAAYlIAAAACaAEHmQKrVqZDD3uToW-bY9bZViEv6xCX0s5thJq6_C9yhguvZgWXxSYni-N6lCsIn-wWtyuG3y6kxMghg_YIRQQuKPp0FrkRYvMh0NODQXgsGvajvpuLnDqc1vAMvjJvNyULt9Qul5j3-ohvdjC_-oJIqpmyrQr47Kx7GzS23GCK89Rz0_ohZF__gQGsCuaDhEQjYh4WCq7MIuoxjMz2QIkhc4Fp7j2Pmd0X8JzD4fupI6r-K2_ufSR_JqP79iGtl6chlTy8_CftTmxbz8wwwxGdyMEHyusK60LcNbCoZ8-N2wNP3aUPWOAh6sNP-mWMM3arVSccJAjwmPWRSKx8AM7GbDdTkg9RBCDs0cZhbmvOAeRQVsBo5PTHExhgFP-pdzxHXyMLbjnaALPp9v7d0kmz1aZFrNxQdkejASGYoaEaQmNmhFd8sPrXkm195aZSI9QU8_3r1EhXpxMJTMd6w3hY8dbFGkhu1qRlxq6KaD0BYetC1g8m6NQtzP0euNPKotTKIWuQmiCQGoVdPeixu5q6g-BxRfvxXoub6Aey4Wx-vWnxyUAoqYYDIx1Hm4UX_kuNnMDvi4WlsrDQFt6ObaunWmHmogdYtPAousheIWmBCXT3fhN405CqdgQocTWloQSD0DiBfFYaRG12hTqpzvbspzCHukZR1u36FZQhDYlvcNjcWh5yZ2pNX8rNPr_zeHL5UYGAQG8aFod0wjfhbhNibz4xhQHzHODP8JORC1uJLH9sib5tw7T4oz3kDL8pquvjoLj-1tgmWEt6JHGEFz2LNWAxWogDkRXW8zsGOZOflwZI-Q2bdUTyXxFDnR8GiPZQ4AcNJRgnMy1sZ8r0tzWXXIqVXpDuiw0IpRYyQaaeKuuhAYala1jRJvfoEZ-UW_5W7PXrpyIvsJvzRLXUUAk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-9629105312034481&su=grammarly.99lb.net&eid=44759876%2C44759927%2C42532279%2C44759837%2C42532277%2C44788441%2C44769662&doc=complete&pg_h=6351&pg_w=1600&pg_hs=6351&c=1&aa_c=0&av_h=280&av_w=1600&av_a=448000&b=5435&all_b=5435&d=0.044&all_d=0.044&ard=0.044&all_ard=0.044&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://grammarly.99lb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 05:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.99lb.net/	1970-01-20 22:16:37	Name: __gads Value: ID=e2302a60849c6d08-22ac861c3de200be:T=1688101828:RT=1688101828:S=ALNI_MYq9mHiAXIh9P2VJbbSu8PA0wE9Wg
.99lb.net/	1970-01-20 22:16:37	Name: __gpi Value: UID=00000c7ca7a9473e:T=1688101828:RT=1688101828:S=ALNI_MbN1wNvrxnTLTdLsvbf97FK23M6wg
.doubleclick.net/	1970-01-20 22:16:37	Name: IDE Value: AHWqTUmH0lhhwAYr1YewqfxvwSf3yYtgjcXVYHuxNRCfXO3BtFR0LiN-3t39QGFUb9Q
.hm.baidu.com/	1970-01-20 22:31:01	Name: HMACCOUNT_BFESS Value: 9E972D0894EDAC09
.grammarly.99lb.net/	1970-01-20 21:40:37	Name: Hm_lvt_1d2cfe9f05d723ea8a6c5af098c8895f Value: 1688101833
.grammarly.99lb.net/	1969-12-31 23:59:59	Name: Hm_lpvt_1d2cfe9f05d723ea8a6c5af098c8895f Value: 1688101833

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=kuUkGvSlJHf8iuvKtrxynSZ2_6j-ZKCzoJXtLDbHCyRNmdW5x-n4WBrASNOz-pRcJVh28yiLRNOSC0voKvhJTg Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=500185981&client=ca-pub-9629105312034481&fa=1&ifi=4&uci=a!4&btvi=1&xpc=IRZDy75LDM&p=http%3A//grammarly.99lb.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grammarly.99lb.net
hm.baidu.com
img.sci-hub.shop
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.235.46.191
220.200.129.225
2606:4700:3033::ac43:a162
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0d52b5daceb55aac268f75c8d3367d3051669cd1fca6e17f7911d30787ed2b09
1614a881b35c90100ed2c29529cfa7148b0a4331eb46ab7834c44225be84094f
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
16304e2c2603abe5b8cb4b6eb4c99f4360b3f73aa3e11f4ad94f028029b3f3ea
16540ec71f97643e62cf81f8288dd2dffac71fef4c8089329e9bfd29ca6ac1f8
1833b9f7e4babb529720573dc68f55649c43ad6de2f0374d53dc92d82ffb61e3
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1fe6d420537183c8e42c9b4f1910b8fddd400f5e7c3fdd5e8b8b186803ef3ada
258a49bb013e101ebcdf797dadfd43bf865bdbdf65834b2aa2feb618225c3743
26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b8caf8b20dd49522df4715b2241de74f1360751b0452fbe0a0a4444a11bd054
3e195cca5e5267465811a967c8d67f558528fe142929930636dc8d0b7b10429c
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4d0fd5d3550415088ab7338d3dc622b7d52662e57a11d97cc6b6be5eb267b21c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
501425a4bccac9deb6bf8bc0ed72da81d8a35b676dc62af00fa98fe4d20a7306
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
598518d24800833845c127af2ca81859c2436e9d92712568cc17aff4ea2657d2
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6391a14f3145368584d7c741b4a7450c6e348b1970d3db57ab740a604ddd83e9
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
688c317800abb59cd1f833b612e453c274403dcfa49e12c58906b1d270b3a64b
715c10542551d1bb0ba4823ced2906455bf5f3323b834d25fc4af87aa55d03b8
7221b8038f303589a759d2c3729dc9061965ffdb715627f20aed9ccaffb3c255
780a6dde487d89147eb1bc2ff7c0b33a44f0f7b0e959b1b57360dae207d93879
7e77239fa3ac2517a65674e4b3e98e731a8c28f1a98ff4174da0580f3170b702
81ac3ce4c91fc502e75c355b586f780c833440f81fdcd1ec0d42e9b2759cd46c
81c41388710a29139e5e4ac910b1d502a808f15d13cd36b1e8d2c248faeb5983
8be6580f93f419533b8816d840f1c93d5fe16b949aec7da1c560264f5d368e23
8bf0c34a65b26d415deffefe27bbe423b29d990af2ab18b63d9cfa616df7ec07
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9f2e485ea733256947d36e98fa5de37e8940377a4f700cb6ebfb50cb25fe4352
a494ef512dcccf9bcada36df97306f6816f4e43c1bf91f3a3ad01f579b2e5df2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a69e9b823bc3c6a9a326f18f927691722882ec22f02a6c46aa95613b4cd96ae3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
aef13528ee88cdee4588d072e4e8b11172c6897d28cb64bcc8caf9f0a223dfa4
b2b6f2328a94fb2711ddd60ccaec59086bffdf83371788f72fcf841059168d33
b32771f24e9182ea6f2d7c397582afadd772d293418549099e02131881f4d868
bca72ffee1b617118c7442f98f2b6a5b001ca2183d5aabd46e4cbb5a0d974109
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be3edfa5ad3f7a86b0afc35223059df2d00ce518792623656fc1d7a4e5c3951c
c2160b1330f7b4dd76cf666b67069b171b99864d18f709da6da37cba3edc44bc
c3f2b5e1cf5eb3ef97a07cc831a3260341ba11af67763bc05ef3e9e55dba8c1f
c836199727c2ba9c01f6e9b1b8c3b65f8f9f3c1710f9d8b948ab1483095cb824
cbaca64970fba3bfc036561dbadd825084b1484db9b95aa65dd02b3fdcb05bff
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d385506cd22e525a7c37514b7d681b55d7496674a038a809cb372fec41612a
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
dec328ab39c0f84d7ff319c4e46e2a490a7b31c5ea73f1ad1f5bb76e7d4b861d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50af7120a794bf408aad2dbc928a36d07d39e3e8902d529138fd8d3cda63b82
ea96e4023f4da2fdbbf582cc59f1eb6f3b38f286adab9bdc98d04a5aa95f716e
ee01f4c052fca1d0520c535ba7662796741fb7df953fb03813fa28ea3024e715
ef0f9d63d5d10b79c550749ad62c1509b4b7a07ce4dc327b4b4f6d08a4ec3cca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
fc9512205f04d9eca951a4b5d31ffe6475134f6272a251eb8e9bffaaedd2dc8b
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

grammarly.99lb.net Open in urlscan Pro 220.200.129.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

63 %HTTPS

86 %IPv6

10 Domains

14 Subdomains

15 IPs

4 Countries

5475 kBTransfer

8420 kBSize

6 Cookies

2 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

grammarly.99lb.net Open in urlscan Pro
220.200.129.225 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

63 %
HTTPS

86 %
IPv6

10
Domains

14
Subdomains

15
IPs

4
Countries

5475 kB
Transfer

8420 kB
Size

6
Cookies

94 HTTP transactions
6 data transactions