autobypayment.com Open in urlscan Pro
2606:4700:3108::ac42:286e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://autobypayment.com/
Submission: On November 07 via automatic, source certstream-suspicious (November 7th 2023, 3:34:50 pm UTC) — Scanned from DE

Summary HTTP 170 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 22 domains to perform 170 HTTP transactions. The main IP is 2606:4700:3108::ac42:286e, located in United States and belongs to CLOUDFLARENET, US. The main domain is autobypayment.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 6th 2023. Valid for: a year.

This is the only time autobypayment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:310... 2606:4700:3108::ac42:286e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.16.84.226 3.16.84.226	16509 (AMAZON-02) (AMAZON-02)
1	52.217.132.129 52.217.132.129	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::ac43:1be9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	65.109.98.107 65.109.98.107	24940 (HETZNER-AS) (HETZNER-AS)
16	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
3	95.217.105.250 95.217.105.250	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
170	32

14 2606:4700:3108::ac42:286e (United States)

ASN13335 (CLOUDFLARENET, US)

autobypayment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.16.84.226 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-84-226.us-east-2.compute.amazonaws.com

www.rsptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.132.129 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

databanq-s31.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:1be9 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.botw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.109.98.107 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.107.98.109.65.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 192.229.233.6 (Marlborough, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.217.105.250 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.105.217.95.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	1 MB
21	revjet.com ads.revjet.com — Cisco Umbrella Rank: 7486 cdn.revjet.com — Cisco Umbrella Rank: 7663 pix.revjet.com — Cisco Umbrella Rank: 5592	725 KB
21	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	186 KB
14	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	260 KB
14	autobypayment.com autobypayment.com	343 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	65 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	180 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	608 B
3	botw.org secure.botw.org	29 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	99 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	55 KB
2	rsptrack.com 1 redirects www.rsptrack.com — Cisco Umbrella Rank: 919571	567 B
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914	40 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	8 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	24 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	409 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	93 KB
1	amazonaws.com databanq-s31.s3.amazonaws.com	10 KB
170	22

	Domain	Requested by
47	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net autobypayment.com cdn.ampproject.org
21	pagead2.googlesyndication.com	autobypayment.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	cdn.revjet.com	ads.revjet.com srcdoc
14	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com autobypayment.com googleads.g.doubleclick.net
14	autobypayment.com	autobypayment.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	pix.revjet.com	srcdoc googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net autobypayment.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	secure.botw.org	autobypayment.com
3	use.fontawesome.com	autobypayment.com use.fontawesome.com
2	ad.doubleclick.net	1 redirects srcdoc
2	ads.revjet.com	googleads.g.doubleclick.net ads.revjet.com
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	region1.analytics.google.com	www.googletagmanager.com
2	cdnjs.cloudflare.com	autobypayment.com
2	www.rsptrack.com	1 redirects autobypayment.com
2	stackpath.bootstrapcdn.com	autobypayment.com
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	autobypayment.com
1	code.jquery.com	autobypayment.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	autobypayment.com
1	databanq-s31.s3.amazonaws.com	autobypayment.com
170	31

This site contains links to these domains. Also see Links.

Domain
www.dpbolvw.net
www.chamberofcommerce.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-06` - `2024-01-06`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
botw.org E1	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://autobypayment.com/
Frame ID: 9E700CFD0F1D2B2AAAD51F757A875A3A
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup.html
Frame ID: 4D39348B84E40B072DCCD6BE41B3FEA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&adk=1812271804&adf=3025194257&lmt=1699371284&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fautobypayment.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284065&bpp=6&bdt=679&idt=272&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=290411673269&frm=20&pv=2&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1163817205&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=329
Frame ID: A814DB414EF5B6EE18F9896066F3158F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=4107011014&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284071&bpp=3&bdt=685&idt=330&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1163817205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IIqLxi387G&p=https%3A//autobypayment.com&dtd=340
Frame ID: 60362287B1DCE09B2842E95EF34BE28D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358
Frame ID: AA7795C504A45C4057C56D4BDB5359A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383
Frame ID: A92540604A05A685449FE4B69365C294
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F38A8BD9C3812336EDB3E16856210EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4EF83D4C0DB703E1D0BA44FA7336543A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/v0/amp-form-0.1.js
Frame ID: 4C7DFE3003F75B21A3241B15B0055B3A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: 2E18B88A882BFF90D6E5DE2EDB42B0CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7859CC2A335C46B3ADA879D3924B0247
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Frame ID: 586D4FED43EE39A0FDC9BF2E2FC1726F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXLTb6eW58hrStebUWZfhSk6KtbIvNKfzJGJ2dnSkn9HBXbzveCT_w3SFBX7WLk9srl_sy1sZk281gu9LT4V9YxLGu8RhEmSZ8RqVQuofyDj36bfHrNhkFWTPBJVCX24ESK_IjWh41cua9way4cjmcJKl7oaGb7Fvco7s7IMVCoLDvOkrE
Frame ID: 134B0D6F9AAFD2226317B6958843D9D2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 923234FCE37D91D77DFA8A445FF1EEF0
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: C8A0633750201F8BCF780BBF23291AC3
Requests: 31 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 18B13EEF0A516F827D5ADFD5EF482B1F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A41E6517954065FA8F5D58B8542DF6EA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 06D3AD6D228384EF2CFC43CD638E45DC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: 666D917FDF6FC034C2D0D8CE336988D3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: AE42FA4C4BA5FEFE5CD060A9D1D749C4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 561F6C18091FCE3FD47EDF4A35C4B510
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2023 New Car Prices, Deals, and Offers. Car Loan Payments with $0 Down.

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

170
Requests

95 %
HTTPS

68 %
IPv6

22
Domains

31
Subdomains

32
IPs

4
Countries

3685 kB
Transfer

7319 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dpbolvw.net/click-100429012-14538953
Title: Trade Value

Search URL Search Domain Scan URL

URL: https://www.chamberofcommerce.com/united-states/michigan/rochester-hills/automotive-dealers/2012460916-gener8leads-llc?admin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.rsptrack.com/impression.track?CID=440085&AFID=528967&SID=sidhere HTTP 302
https://www.rsptrack.com/pixel.gif

Request Chain 68

https://googleads.g.doubleclick.net/pagead/adview?ai=CBQILFFlKZY_YG4ThtweAtqUowavi_XO6sLqrjRLN18S7BBABIL2UuZABYJWCgICwB6AB3Jrc-wHIAQmpApaduozx97E-qAMByAPLBKoE0AFP0Ps10WZycM9MWonfNObHRI3Gl3el7Zl3Z_IMYsi4GFW3LA08cYUNxiW0dvpVy5QhkCLZbXt_geHYIFhKac4o3OrwfuzGp0tzALWmQaqpgAMjwisIKf71IIDu5LmPP3PwXZS3Wi1KVJhmUp2jjrniy-rcLSW-lheJiqt0cXgURly9BElvLGKz2iHO0RYTPkEXtUXSI8fIlFg7h4IK5N96MIneFArBOeAiUR2mFY8b9P6aK17GsQBpZqh-uLZgHy6H8mD3zBZi305S-up8CcjiwAT0-962wQSIBcvUqpJNkgUECAQYAZIFBAgFGASgBi6AB4zlo4QCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvLMG0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJXmh0dHBzOi8vY2hlY2tjYXJzMjQuZGUvZmFocnpldWdlL1Rlc2xhL01vZGVsJTIwMz90eXBlPWNyZWRpdENvbmRpdGlvbiZtaW5WYWx1ZT0wJm1heFZhbHVlPTIwMDCACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDkyMDAwNTk3MTM2NjY5MBgA&sigh=ug8RuzDwdZ4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNq0W8TePVKhf5Re9LGO7QLxPQxbFoM_r7pa43WkIlAJ0tGKjubPXKddh3FfcYupyv_Lr9AEILyI8vOtgJy7EfWUvl1llBpHmRnxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225456512929094843877%22,%22debug_reporting%22:true,%22destination%22:%22https://checkcars24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22527895900%22],%224%22:[%2211-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228893595931606532465%22}&andc=true

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUpZFSt36TtL.hRqFKR0zQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1&google_hm=2

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIXW_7eo3_OeSAN9UEYkx0M&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIXW_7eo3_OeSAN9UEYkx0M%26google_cver%3D1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDc5MzA3Nzc2NjgwNzg4MA%3D%3D

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1699371286312 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CLKD_a6bsoIDFWSQ_QcdFLQMSw;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1699371286312

170 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
autobypayment.com/ 206 KB
18 KB 198ms
174ms Document
text/html 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autobypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0465fc972d0399745d890a45dd263bb66ff407fa7f29fc1f469dee1753dbfd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8226a458180a65a6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 15:34:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OysqtmQ1tGkhRR7Mfl0VzxZzWd9lVlpSsCBoNjOQpglMtwlp6Po0V8HnNUS%2FNKJDV8DQKTEY27SO9rbpr8nrR5HXiWGIJOw1FgrCKTxTht41oCKwJvLBoMLRqW3wZWRusvkB%2BlPxNK6YNFz%2BqYtY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 49ms
25ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1055
age: 163411
cdn-cachedat: 07/07/2023 01:23:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c29ad5f96c3623fe2903ec1ebda3175b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8226a4595b1118b5-FRA
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.0/css/ 53 KB
12 KB 293ms
270ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by: Host: autobypayment.com
URL: https://autobypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

Referer
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"251d28bd755f5269a4531df8a81d5664"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tODyn3%2F2hL9J6WePKuMG7x02AxHWR%2B9ffW%2BGiskdnqa%2B089gMuVgmYYJdZHL%2FjmQ5radfccReo8uCwunycEInYEX61mbNiP5ksn7ftlRQuz60oz1Z8MxT%2BRrgeNb%2Blu9iiqXhbV%2FyV5oqAmf2ircIwlN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8226a4595f5465da-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

pixel.gif
www.rsptrack.com/
Redirect Chain

https://www.rsptrack.com/impression.track?CID=440085&AFID=528967&SID=sidhere
https://www.rsptrack.com/pixel.gif

43 B
310 B

128ms
123ms

Image
image/gif

3.16.84.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rsptrack.com/pixel.gif
Requested by: Host: autobypayment.com
URL: https://autobypayment.com/
Protocol: H2
Server: 3.16.84.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-84-226.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
last-modified: Wed, 21 Jan 2015 22:13:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
etag: "1D035C777E4ED00"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 43
expires: Wed, 08 Nov 2023 15:32:46 GMT

Redirect headers

date: Tue, 07 Nov 2023 15:34:43 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/p3p/P3P.www.rsptrack.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
location: /pixel.gif
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cache-control: private
content-length: 127

GET
H2 200 logo.png
autobypayment.com/images/ 12 KB
12 KB 131ms
130ms Image
image/png 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/logo.png

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf9f874c540eee2a9ba19642daa465f1fa31433931c24fb221e404b1fc35c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 03 Feb 2021 09:47:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6L1zDqdpKLwOU%2BrC2qK8%2F7uaIZ41rqTWXoFdZ%2FTAg0EhfPjmjupTCr8UO5NK0%2BGE5zfQ8Q7N7iBh8bNyUiLTn2UYC98xatN14EQgXcQOxnPx3tU83J%2Fe1PlERdkYulz0RyKF4mmJ%2BK5UGRO%2FVumk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8226a459db0965a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12177

GET
H/1.1 200
OK Chamber-badge-white-01.png
databanq-s31.s3.amazonaws.com/Badges/ 9 KB
10 KB 373ms
159ms Image
image/png 52.217.132.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://databanq-s31.s3.amazonaws.com/Badges/Chamber-badge-white-01.png
Requested by: Host: autobypayment.com
URL: https://autobypayment.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.132.129 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2059244da52a08f51c4d78ad356f096ba87a8b073c61eef5ce99417a20ebf0d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 15:34:44 GMT
Last-Modified: Fri, 14 Mar 2014 18:45:12 GMT
Server: AmazonS3
x-amz-request-id: PD4BCQZ871JKGZ11
ETag: "95723e185da93cb573f0310fb35f0e33"
x-amz-meta-cb-modifiedtime: Thu, 19 Dec 2013 19:16:00 GMT
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 9579
x-amz-id-2: yRkMhky3bB3w0Qn/AEgB90gCX17eL++q+Ue1MbtJakrVvXPUI+wBPPoD1k82tQl6lWAJaV8CkVo=

GET
H3 200 rocket-loader.min.js Show response
autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653bc982-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNqvoprHf3z8MwU5ms3ibXXxOPsdQVJhSxhihFMhzo4Oo2LHuRlWeJEByfSkJFNzBhsHoT0yrK%2B2ETnKzhuKbHLMBhRZMyOMc8VRVtkcLG69LYRDSNI2J2etna8KZjCMmbZcPjPgc2vT134bHSht"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8226a459fbfc9b5b-FRA
expires: Thu, 09 Nov 2023 15:34:43 GMT

GET
H2 200 badge.js Show response
secure.botw.org/ 2 KB
1 KB 401ms
141ms Script
text/javascript 2606:4700:10::ac43:1be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.botw.org/badge.js?t=blue&s=225x80&id=1974280
Requested by: Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbb7cd5c5359d07e96e7e5795caf2916a4a6be3dff2f9c8d6eb2e78f2593552

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8226a45cbcbc5d87-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 118ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4920005971366690

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

115bc05a35999e3681dc74b2c0a899264f61afb256ce711521f8c9444bd628d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52072
x-xss-protection: 0
server: cafe
etag: 13950217803521242637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:43 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 37ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1720945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDh8Z3%2FxlJalPwKbLEazKQshpNHi3c855zcxTuA0Ek5DVv1KzI32OpQqZyvfrRT1M3NIVJrExHwR%2BMXXgODsa%2Bdu16BBiuVysnNSxVqA7w7wzaY4YbBJuok%2FC6NXIfmbSgrDyIIs3GYOaQ330cxCpXQC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8226a45b3ba05d4a-FRA
expires: Sun, 27 Oct 2024 15:34:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
93 KB 91ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PXVN4THZC

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9193e16e5777bb4406906cf09824528369b0f36d509e4b640750804a090a8674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Nov 2023 15:34:43 GMT

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.7.0/webfonts/ 13 KB
14 KB 288ms
287ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79569bbf98e046743427673c2f59a9649ee833f2a9089b2e6497d435b5fe1b09

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9c0eb6c2e967eccd837da618bcbde91c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJ1YQ11Ig6mNKrhD26nego40OaQFKVE8FV%2FwVepGIHApVf5fALDUdL4q6D0pkCsfQnESEZHUiCIlQncMWD7XbW2Y5IMBT6LaKOk3Dh3wgCXjDfKiUx8XodhfGOyZvbBMNNGNKCzDKwB4Lb8Q%2FWp2g51b"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8226a45b3a8c65da-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13576

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.0/webfonts/ 73 KB
73 KB 268ms
268ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "52134b924fd61958f88323845deffc64"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvzSAws5NoRvttLLBMzFJ9j4gY%2Frk8ytOWr6sznKLgGfldJ5WAwGYYXDWZs5XF%2FttV64aemduWhnx5IE%2BiGAOSO907hmx4AMdpOp9R%2BB%2FIIUBw5aiUw7YVtyqfCZmOtwMO4GCesFYjnONY6UFKXfpEIX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8226a45b3a8e65da-FRA
alt-svc: h3=":443"; ma=86400
content-length: 74316

GET
H3 200 2023-Nissan-Titan.jpg
autobypayment.com/images/models/ 26 KB
26 KB 141ms
140ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Nissan-Titan.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c79403f40a10357eabec766f1e12f891785ad362a809d0761db6d6dc9b695a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBcPBgFhj8bh%2FlWcrAQ3uI9DIIAC4NfKmgFG%2BUJwxMxu7AcGWxkaCDE646WMg1ez1Y6rPqWJgeOOlHyzQ07qqRhGBWMSpfry0720H%2F3GgrIbRgu%2BLgm4CHfPEHdfX2TOjkPoaRCY2x0zHp6x3fcF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b7e1c9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26408

GET
H3 200 2023-Nissan-Titan-XD.jpg
autobypayment.com/images/models/ 27 KB
27 KB 150ms
145ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Nissan-Titan-XD.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9175f983a3f9219382d10bea578d2dfb550d35e086c6bc892146a0345abe5138

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIjUFYwAdW3a4BiHgT0YQglivqxmaUW9pVXMSqejZI7XsOhyJcF3ZMxKe8GJcqqZO6oV7cLwkrjc9d7EqWPXuN8JkPcDIdJUkPcmq8zIZdpYx2XkCVz%2BgcFmCkg%2BicF1%2B6KO7%2FWN4uoCbpRR4EY%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e439b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27279

GET
H3 200 2023-Nissan-Altima.jpg
autobypayment.com/images/models/ 27 KB
28 KB 163ms
157ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Nissan-Altima.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963e263e56326890a164f2f51e9c9a0294931b292b9693a3cb1647c0002358ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:44:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UwOvSdOrH0sLiIUfibjaC6jQKMA%2FHfwnsZ25KRgwI1veXxKXKCJtDG22%2FVJlrRdbJNg6BNjAh9XBrgsOMmGoxbV%2BXeuP5rGHiFnsLqGDT%2FF9kGiBCmw9ke9SyVCHg9AsZzYozTy3u1rTjyhT53j"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e449b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27991

GET
H3 200 2023-Audi-SQ7.jpg
autobypayment.com/images/models/ 28 KB
28 KB 356ms
351ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Audi-SQ7.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8e2a972fa09bbcdf697bdab492aada2c89604c074595eefd95b76bf9cae3d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:43:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg2j2CRBw0tbQ6VATjyPSnmyY%2B6L1q2Fxcs4TSGszOAzdM4m1JVplRVGBWBalgyenNTpwvTCUD0GA%2FSDfdKFms09I1ti%2BeTvLZX%2BqWcO6jqk5t4Z086lJJFltUWnPy2AH9rSh1%2BUWpIqNKEjxhaw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e469b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28205

GET
H3 200 2023-Audi-Q5-Sportback.jpg
autobypayment.com/images/models/ 30 KB
31 KB 176ms
171ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Audi-Q5-Sportback.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36836bf548d85af7645b69ee932a5be8251516678b801f27014124d44fcd227

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:43:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gLW23nuc9rHRGyVhD1hJEU9yQ7Dqje81PoGrVqJFMTzXIlg1wOvixWs5EVbXHoQ1pckH0Ea5F7TCvSfra5AzxLtp0RBCW7b3b5Y%2BcV6XB35b1rMkxwflD4%2F0mCF9zZItEf8O0Brpt6WbhkyxL7d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e489b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30998

GET
H3 200 2024-Audi-Q8-e-tron.jpg
autobypayment.com/images/models/ 28 KB
28 KB 177ms
172ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2024-Audi-Q8-e-tron.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cd831e5105978fa78fa55bb194b31d5dfdd6d02d2cb4c9ff857ba21b3a06a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Mon, 17 Apr 2023 14:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1Db9TrYHxaWZHo3yeGyw4ngYtozrQc6iNfMsX54EXJs%2FQ6UCVGJq5FfoZJ%2BV2y4mu5LMQgAW%2Fw0%2BGvzgzFm536vZOuY%2FptNb8hU84ghzQ4HG5fYWsN%2FxrbliSpuWzU%2FLbiHmhd8IhBOBFqLhmfq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e4b9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28413

GET
H3 200 2024-Chevrolet-Equinox.jpg
autobypayment.com/images/models/ 22 KB
23 KB 188ms
183ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2024-Chevrolet-Equinox.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59abaa670d52da9b161071754a5267a9a6942cdcf7f3886667b060247609d0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:43 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 26 Oct 2023 17:47:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hg2gXKKxi3QsDPUh2rtLltObD3sMvKHCsQAwIVkcPkHnJwp0mnv0fzY7yWcGTY6OjaJGGzEWo%2BD99k96xzIu3bpiL2oB52XB0pBzBkwVqfpCD1S5MvjfBFMXvBy30%2BWgWZnqKu6%2Bh%2BJHS84ehTql"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e4d9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22849

GET
H3 200 2024-Chevrolet-Malibu.jpg
autobypayment.com/images/models/ 23 KB
24 KB 355ms
352ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2024-Chevrolet-Malibu.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

749171d8d5a02da3fa3a9f8527d166b42b089551539ca116ab571264c4e6d000

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 26 Oct 2023 17:47:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMfERYSdiT7QItXtLeaC3uGDxQ2K%2F5IrG4UJz8M7Nj6yU4ByiZKk30fDD%2BqKV6JLqTevw0Sm9JDUIjRKK5PMcXlfLdgqZarobIQ9j6NqLVpY0bXYTemJpxo3Ypri6gs8QLY3OL%2FK7lQRB22Nwa3r"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e4e9b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23880

GET
H3 200 2023-Ford-Bronco-Sport.jpg
autobypayment.com/images/models/ 32 KB
32 KB 356ms
352ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Ford-Bronco-Sport.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eef1b8d50b7fc23be6ce4efde6b1e1f72b652c2de325f6a1d04b07834579c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:43:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0etgrU%2Fi%2BGi4ahnRI9hL2w8tnU1nVe%2FZ49m8rxbHCK%2FgMZjL1w0qFYwDFKhkjH75x7bRsWo1j70kT5X%2BIxAUmaoSakKi1vrJIsHVtoxI%2FNxSqoA%2Fc8d9kSftqpfxYXqYqFU5m%2BFwcnatBactvPXV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e509b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32541

GET
H3 200 2023-Chevrolet-Bolt-EV.jpg
autobypayment.com/images/models/ 30 KB
30 KB 357ms
354ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Chevrolet-Bolt-EV.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65fde1645c05c61b90f67ec7fce65bb734778128400edf0c1902402967b116f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:43:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naX1qGThzxwqbzmgKk5BwcgmXzZjXXRoLIbA2fDtgxBSTBZqqSqJ46nJ5Y6KdNPTTftVER2mDwxco6lfPXZcheL%2FjN2oizo%2Bva%2BDbLFfE1mAXClqGzAbp%2BvUAVyGsB%2FmY%2B0IDLSd2fIPPOLFshnX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e529b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30601

GET
H3 200 2023-Ford-Mustang-Mach-E.jpg
autobypayment.com/images/models/ 30 KB
31 KB 363ms
361ms Image
image/jpeg 2606:4700:3108::ac42:286e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autobypayment.com/images/models/2023-Ford-Mustang-Mach-E.jpg

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:286e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e34f05f1a9012b9f5f26aaad7ba34876808d0dcd88edb4b805eb484cabbe73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autobypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 05 Jan 2023 16:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDuHBBtW%2BX%2FVWcUYI%2B7o2wO7a0UjbGdHctU19l3Q1NYVl5lYE%2FurV4CIP5i7nsKD4ldgY6noGJopr4cPw6th0KI5Jf6JCEAJHJdNn4pZYqebzxZ36xgsFbPf5b7kU3ZTHF5QrTOn6ZhCYMg%2BCiPV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8226a45b9e549b5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31182

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 168ms
103ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4920005971366690&plah=autobypayment.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4920005971366690

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d5aea4099bde12c0ce5da7fce96bf2033a02a57c218f2f3d49f44c96f886b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138484
x-xss-protection: 0
server: cafe
etag: 4374233337323519602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/ Frame 4D39 10 KB
5 KB 73ms
24ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4920005971366690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 11:47:05 GMT
etag: 251720774729838433
expires: Tue, 21 Nov 2023 11:47:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 17ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1720946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eq6gSfDHxu07LyWFAWqjs1e0m4tIPdQFAc3Igw4ODjAKGsyKXKwKrsxGy7mrKrIDLNFYfQmbTsSQLghlloIQnxy5hOybGvyvgd7ahLvtWyCt3NSQSTc24KEB3xZLvkSiJJ6sbVknd7%2BEmSkuvT6DLA0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8226a45e0fab5d4a-FRA
expires: Sun, 27 Oct 2024 15:34:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 56ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0PXVN4THZC&gtm=45je3b60v869492254&_p=1699371284012&_gaz=1&gcd=11l1l1l1l1&cid=174434805.1699371284&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1699371284&sct=1&seg=0&dl=https%3A%2F%2Fautobypayment.com%2F&dt=2023%20New%20Car%20Prices%2C%20Deals%2C%20and%20Offers.%20Car%20Loan%20Payments%20with%20%240%20Down.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1023
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PXVN4THZC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://autobypayment.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 71ms
22ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0PXVN4THZC&cid=174434805.1699371284&gtm=45je3b60v869492254&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PXVN4THZC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://autobypayment.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 78ms
39ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0PXVN4THZC&cid=174434805.1699371284&gtm=45je3b60v869492254&aip=1&z=1209842903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4920005971366690

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09a053a55dd7c85b353eafd9ff13e1f54d40cfee70a81e74492db2a77b8fb9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52072
x-xss-protection: 0
server: cafe
etag: 3223993094164692290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:44 GMT

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 67ms
15ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1842872
x-cache: HIT, HIT
content-length: 24606
x-served-by: cache-lga21954-LGA, cache-fra-eddf8230061-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699371284.313693,VS0,VE0
etag: W/"28feccc0-11abc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 55, 37841

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 40ms
19ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 479337
x-jsd-version: 1.16.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230077-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUpHIBqI3OjTYuflDo3Fl15AxnTjAdy3ubUYIjG2hWMgdn8BJ2ZKcAUjOW%2B3eCuJInfxVVSY2QFBsJKyXqC8ymEVhAAhF5CSGTGLOj%2BW9F5jBHNTrPxL6VPqUGBsVIUNORo6Sy6OILOFELdrWhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8226a45f3db7699b-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 135ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=autobypayment.com&callback=_gfp_s_&client=ca-pub-4920005971366690

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4920005971366690&plah=autobypayment.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71ee6ee0a38c0185b3cd8fe7aab17e088a95c6d11c52691a5393455bb8426843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A814 245 KB
61 KB 772ms
771ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&adk=1812271804&adf=3025194257&lmt=1699371284&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fautobypayment.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284065&bpp=6&bdt=679&idt=272&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=290411673269&frm=20&pv=2&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1163817205&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=329

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72393af04a8e05d7068bc55119dc75904550737044a317b3c5e93d61dc58f72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61813
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:45 GMT
expires: Tue, 07 Nov 2023 15:34:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-md%20bg-primary%20navbar-dark%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6036 132 KB
42 KB 461ms
455ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=4107011014&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284071&bpp=3&bdt=685&idt=330&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1163817205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IIqLxi387G&p=https%3A//autobypayment.com&dtd=340

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0360329453f6054fc2b40563345db72b3db72695fc594f0a3db6884891b65b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42803
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:44 GMT
expires: Tue, 07 Nov 2023 15:34:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA77 79 KB
29 KB 622ms
621ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802db1cafbec94ca8095a56aa252945692761fde8d902c8bbc463a553a975579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29093
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:45 GMT
expires: Tue, 07 Nov 2023 15:34:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A925 106 KB
21 KB 1030ms
1030ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c1b592186383b442dd5ed15ced661820f27560d285cf8b52f0d73d5bd9a89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21562
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:45 GMT
expires: Tue, 07 Nov 2023 15:34:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
15 KB 33ms
32ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://autobypayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1048
age: 168181
cdn-cachedat: 09/17/2023 22:21:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fd5801853538ff4b9db194a5c881a8aa
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8226a45ffd5418b5-FRA
cdn-requestpullsuccess: True

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 65ms
64ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231102&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbd14af932dfbfd3adce4c0d0ce7316283903406466d85ac4076d33c5ed63a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12230
x-xss-protection: 0

GET
H2 200 blue_stacked.png
secure.botw.org/assets/secure/images/badges/ 27 KB
27 KB 27ms
26ms Image
image/png 2606:4700:10::ac43:1be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.botw.org/assets/secure/images/badges/blue_stacked.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b0943a10706fddc821e35439a5c4a0c7ed1bee1c4fbd226dedfc5646821d149

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Mar 2023 18:48:58 GMT
server: cloudflare
age: 815663
etag: "6417591a-6ca6"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8226a46039975d87-FRA
content-length: 27814

GET
H2 200 /
secure.botw.org/stats/widgets/ 842 B
1001 B 141ms
140ms Image
image/gif 2606:4700:10::ac43:1be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.botw.org/stats/widgets/?listing_id=1974280&url=https%3A%2F%2Fautobypayment.com%2F&widget=trustbadge_display_script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8226a46039995d87-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 101ms
38ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 15:34:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F38 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 12:43:16 GMT
expires: Wed, 06 Nov 2024 12:43:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4EF8 829 B
1 KB 65ms
25ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42f2b1c77879c006b50e231b9e46b218acfb5b2464469f65ff61cafd3bd92d61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uZwwV_--QNYcQUgPp92m9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uZwwV_--QNYcQUgPp92m9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:44 GMT
expires: Tue, 07 Nov 2023 15:34:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F38 38 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 12:43:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4EF8 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231102&jk=789430719163929&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5F38 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VCw83g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 6036 14 KB
2 KB 66ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=4107011014&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284071&bpp=3&bdt=685&idt=330&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1163817205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IIqLxi387G&p=https%3A//autobypayment.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 15:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 15:01:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 15:34:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 6036 2 KB
822 B 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 14:05:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 6036 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 13:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 13:53:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 6036 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 12:43:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 6036 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 13:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 13:56:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6036 190 KB
60 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 6036 36 KB
15 KB 60ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/4989826582257633222/ Frame 6036 18 KB
18 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4989826582257633222/2728354180183721846?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bf7902399cf0fd6c2a4e1677e6f4902b81db6af17a112803dcd5642a1dd69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 08:56:24 GMT
x-content-type-options: nosniff
age: 23900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18390
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 08:40:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Nov 2024 08:56:24 GMT

GET
DATA 200
OK truncated
/ Frame 6036 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6036 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6036 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85eb053c0729d176bae44be135b57ea65ba13a8cf810c453b2b0a929ec6c21f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ Frame 4C7D 50 KB
15 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d90ec3418d19aa3b77e76054eb71b0fd006122c432bff404a326638e618c64

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 15:34:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14995
x-xss-protection: 0
server: sffe
etag: "ab43075a93144b3f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/v0/ Frame 4C7D 7 KB
3 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-fit-text-0.1.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f6db5b49fef9ff85b3f82028b27f8a47284bc2d1bfed64e5e057978bacac87d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 15:34:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2509
x-xss-protection: 0
server: sffe
etag: "39187c3e66665be0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/ Frame 4C7D 237 KB
62 KB 139ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp4ads-v0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a786bf1b9f79afb601db7bd3567eb64ddb5633f44200cff159fb47e6b45d26

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 15:34:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63701
x-xss-protection: 0
server: sffe
etag: "570bb12d8814c565"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 4C7D 110 KB
32 KB 117ms
31ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

759d98cf1d61c19a6a5ded8a4e97755d72a8f24ad9cf0879b5f6a712e77f55ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 15:34:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32263
x-xss-protection: 0
server: sffe
etag: "3040d9cf2f8c9f18"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/v0/ Frame 4C7D 19 KB
7 KB 133ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d329fe8ac58723b7c6fb483c2bce839a9bc5d2809e6615f5e6fa15a1b1509f5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 15:34:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6645
x-xss-protection: 0
server: sffe
etag: "7f9382c4217a61bc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/v0/ Frame 4C7D 82 KB
20 KB 109ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-animation-0.1.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d9f5ca4557a48b7b5d671eef2f2880658245985c1b7ea549a0096a2bf5db4ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 15:34:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18975
x-xss-protection: 0
server: sffe
etag: "20d3dcda130db11e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
DATA 200
OK truncated
/ Frame 4C7D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e40b891a79ad4a254e7d2bf435e92f84ec8636311e60df42dee9fa3ae8cbcfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4C7D 13 KB
13 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46dd59e48765d73b107d55a115a0caad65523094bc7454686b9feab1ed794cbf

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: font/ttf;charset=utf-8

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6036 33 KB
34 KB 54ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 297044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6036
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBQILFFlKZY_YG4ThtweAtqUowavi_XO6sLqrjRLN18S7BBABIL2UuZABYJWCgICwB6AB3Jrc-wHIAQmpApaduozx97E-qAMByAPLBKoE0AFP0Ps10WZycM9MWonfNObHRI3Gl3el7Zl3Z_I...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225456512929094843877%22,%22debug_reporting%22:true,%22destination%22:%22https://checkcars24.de%22,%22event_report_window%22...

0
0

83ms
48ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225456512929094843877%22,%22debug_reporting%22:true,%22destination%22:%22https://checkcars24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22527895900%22],%224%22:[%2211-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228893595931606532465%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5456512929094843877","debug_reporting":true,"destination":"https://checkcars24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["527895900"],"4":["11-07"],"6":["true"]},"priority":"500","source_event_id":"8893595931606532465"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Nov 2023 15:34:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Nov 2023 15:34:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5456512929094843877","debug_reporting":true,"destination":"https://checkcars24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["527895900"],"4":["11-07"],"6":["true"]},"priority":"500","source_event_id":"8893595931606532465"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

836c031b3c77e7ef012f80443145eaf2945f585fd9ac4e2c78571ef27da00670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55825
x-xss-protection: 0
server: cafe
etag: 5295876731774971054
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E18 50 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 06:26:12 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 103ms
48ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 15:34:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012310201815000/ 23 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be94bef7bd8ec05adc21bf1c7c2a9b6037c269e1fe83ccc1f14337e8c479448

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 17:11:56 GMT
age: 80569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7818
x-xss-protection: 0
server: sffe
etag: "55c20615f634704d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 17:11:56 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C7D 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 65728
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Nov 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C7D 295 B
319 B 14ms
14ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 65728
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 07 Nov 2023 21:19:17 GMT

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/14701226194132730641/ Frame 4C7D 100 KB
100 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14701226194132730641/bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9578575e40113689cad208384fc82d016be8e4d103564691b7603ebc1288d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 17:54:25 GMT
x-content-type-options: nosniff
age: 337220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102079
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 14:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Nov 2024 17:54:25 GMT

GET
H3 200 copy_1.png
tpc.googlesyndication.com/sadbundle/14701226194132730641/ Frame 4C7D 5 KB
5 KB 24ms
23ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14701226194132730641/copy_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9acfef0c9f042ef8689a12d381f155fd10eabadf96a8b9510eeb3176d7780f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 05:32:48 GMT
x-content-type-options: nosniff
age: 295317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4841
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 14:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 05:32:48 GMT

GET
H3 200 copy_2.png
tpc.googlesyndication.com/sadbundle/14701226194132730641/ Frame 4C7D 7 KB
7 KB 23ms
22ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14701226194132730641/copy_2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951c0dd845469faa14e0e741a267cbc46e0fc355e46cbbece1e562feee6f3b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 05:32:48 GMT
x-content-type-options: nosniff
age: 295317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7091
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 14:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 05:32:48 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/14701226194132730641/ Frame 4C7D 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14701226194132730641/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7326b878f0ae19f2db0a0ce7da4a80cce16149da19a6665bcd1b059da6cc933d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 05:32:48 GMT
x-content-type-options: nosniff
age: 295317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1682
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 14:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 05:32:48 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/14701226194132730641/ Frame 4C7D 5 KB
5 KB 20ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14701226194132730641/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcee3b1cfa6cdc64b7a93ee2ac55a850bde489fedeb5c2e7ea655359c69ca86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:38:10 GMT
x-content-type-options: nosniff
age: 352595
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5361
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 14:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Nov 2024 13:38:10 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/ Frame 7859 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 22:46:58 GMT
etag: 251720774729838433
expires: Mon, 20 Nov 2023 22:46:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/ Frame 586D 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 22:46:58 GMT
etag: 251720774729838433
expires: Mon, 20 Nov 2023 22:46:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231102&jk=789430719163929&bg=!OzilOHfNAAb4oU7C2KE7ADQBe5WfOLR5A8dMJ_QkHQIXBpdBuLr483i7KKUqC6TGk0_cFH0cPDK0MXM1JYhGjRjvV-xeAgAAAHBSAAAACWgBBwoAUbDblW3ePIBfuUIQASkNQrou3MNrbZInTuPrxMT7rCNNmhupRk7-E1BImlJBDpNRwUR615OPi6dw33LVRvxn6HC38P0gXDVgBqhZqIjISbOwvJkC-FJZ_RJM1n2A-gDcWQm7fp9FTpc9IBgz-PFQz7pCQ0tlWPMdubhpiULlV8mArWhgUr0K7C8_2kkbTOPWIs8mv-LJz9qL5sAtl6FMLQzzUkbAox5BjPuz--igtsDj4vOa3o0Z72GVqQXpfikBshkUSwF3km2vYGK1GjZp-sDvvEyN_1NBL4YiipGxBHJqS7M3wW04DtqpvK3-wWMo_I6M3IuUkbDp8qVdkpJryui7CUjrY5V-CIM4InywdlaUpes_5FH-GBYJ7jZmqhj4Adt7pWogyIkT3Aw8551Km34RLA2auiY_74vAhHBzCaA5fEM1JF6Z7iqMpP7Od60jzNmUAefSl0CFFOI7WffWWGsyonCdk5KIsIPTrb1rxiCyav1T5Be2iOF3IV9mJO1Xba-I6JVbwWIH3hAso66oJRuPd9ubbqtpCNq9jWO4SeY0HqlKciwInrXTP4BtmamUrGOzZY1adHtIKIo1gY2YfaYlfLK3_XINbB5K7aBU6EG3SJ4RZwDUSP1LQ-uhht4a6TQwValwI0aO79Om0Y3LBeGzaFgXzdZScEWJHerm5Qd0D99ov7Sv9EIl0XcVkN0lMFkJJAwjQFw8j4-zuzMTzxbgTmlthEavFSEsDmrR_ub7WYFY_18yhWvggZ_MU2NuQxhnNxv7JHB0u-xTplo3Q3aXP3fM8c9NUiBhADb9QfQsgBjWXwDDZ6TpCOUXw11LW8larwVmj6BFUaolLy3iQehzpH_OMZYksnYPcD8bYm3S0tj6PMNT3TIi17T_g6UiTLD5YJG1siyIHfuJC8pIHllHn1osXLNGRGoieeAyiJzuxB6CzJyQwWv0jSk_xalm7HfCmTFDSxuKhWBdNKPnptKTTgWmuPOm-X8SS-eR0IO79craDsxAOMycACD-6BfjC4xjrFFZ4zzE0HRgV4H9TFbn7rJ_OPKRtFL04_26F8pb5R_kdz7yzjRHjGPLgYx-FHjS1oextZ2QtqnedrZPrrEY_maXtNLWH47xR5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame 7859 4 KB
769 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 15:03:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7859 205 B
520 B 15ms
13ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:16:22 GMT
x-content-type-options: nosniff
age: 173903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Nov 2024 15:16:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7859 604 B
696 B 16ms
15ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:18:27 GMT
x-content-type-options: nosniff
age: 357378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 12:18:27 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 7859 16 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87cb3f981317ccf5ad632f64e531aa7da8d49571127cfa1f142483a085f89d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 13:06:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 15318980762987274547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 13:06:54 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 7859 21 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 18:59:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 134B 624 B
245 B 66ms
64ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXLTb6eW58hrStebUWZfhSk6KtbIvNKfzJGJ2dnSkn9HBXbzveCT_w3SFBX7WLk9srl_sy1sZk281gu9LT4V9YxLGu8RhEmSZ8RqVQuofyDj36bfHrNhkFWTPBJVCX24ESK_IjWh41cua9way4cjmcJKl7oaGb7Fvco7s7IMVCoLDvOkrE

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:45 GMT
expires: Tue, 07 Nov 2023 15:34:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9232 89 KB
31 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 9232 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 12:43:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 9232 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 13:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 13:56:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9232 190 KB
60 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9232 42 B
63 B 59ms
57ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANwf-t9JQcNvD0WUHzpTunevxHAuSB38dOlk_6pl24RUefYC6pBFC7b79NltKRw3W2HKpWndEhFzXT2UQX6Td-CmSBt37-W3DohBdzY8WZI1FRGPQ

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9232 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4069074573714215517&x=1&ct=77

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame C8A0 196 KB
55 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 18:07:47 GMT
age: 77218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 18:07:47 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8A0 15 KB
5 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 18:07:47 GMT
age: 77218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 18:07:47 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8A0 95 KB
28 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 18:07:47 GMT
age: 77218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 18:07:47 GMT

GET
H3 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8A0 33 KB
10 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-carousel-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dee2e5aa10555026f205dabff8ca2785b77646b0b744bd633a4dec2cd10bb35

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 18:07:51 GMT
age: 77214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10085
x-xss-protection: 0
server: sffe
etag: "9c1e4e7f5d08c603"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 18:07:51 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8A0 5 KB
2 KB 50ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 18:07:47 GMT
age: 77218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 18:07:47 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8A0 40 KB
13 KB 57ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 18:07:48 GMT
age: 77217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 18:07:48 GMT

GET
H3 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8A0 6 KB
2 KB 57ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053e5953624fc013a583490b9ced4cf2b377e4627be5f259fe0d9bcaf5334c7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 18:07:51 GMT
age: 77214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2443
x-xss-protection: 0
server: sffe
etag: "d3619ba7d4f4801f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Nov 2024 18:07:51 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C8A0 2 KB
2 KB 17ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 65728
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Nov 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C8A0 295 B
319 B 18ms
14ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 65728
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 07 Nov 2023 21:19:17 GMT

GET
DATA 200
OK truncated
/ Frame C8A0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86d02d87775e41f19f6dc9d450f0eb666e52b9550aa4c76c2d8a087cb70c1f39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 img01-04-06.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 114 KB
114 KB 22ms
18ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/img01-04-06.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d04b7032a1624d09fe101d725d1692c8f12483e970ca2b35bbc3af06200f5001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 07:43:00 GMT
x-content-type-options: nosniff
age: 114705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116394
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Nov 2024 07:43:00 GMT

GET
H3 200 text01-06.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 3 KB
3 KB 23ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text01-06.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b34c766b13b52b7f71e55ff81603016b6284c3443d1355a106de956de82afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:29 GMT
x-content-type-options: nosniff
age: 448636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2912
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:29 GMT

GET
H3 200 img02-03.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 187 KB
187 KB 20ms
16ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/img02-03.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e3433a89abf2b065de00284e62b967f27566784463e953916d28422aa4a5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191147
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 black-frame.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 18 KB
18 KB 33ms
30ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/black-frame.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c99237462fbf5c1360bfabfacef0455d88e792841a42654df2e7b1eacc60c761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18460
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 text02.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 2 KB
2 KB 30ms
27ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text02.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21da843ca7f2dc645c1b9b7eb277aa017735c8eebbd7ac1b5480d887a9cf7e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2261
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 text03.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 2 KB
2 KB 29ms
26ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text03.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d853a2632b6cb14f6eb40de17b940973c45fa01a5639f1eee691a10c28cc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2098
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 text04.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 3 KB
3 KB 32ms
29ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text04.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b56940e38fe6e1009a22f228e3f45338f81dc01681a1688eb7bffbd6afe23f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 09:06:14 GMT
x-content-type-options: nosniff
age: 282511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2959
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 09:06:14 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 602 B
632 B 28ms
25ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/cta.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a033a2c80bc18f242ce4e27d2ca1896db22d80687b248f8c6a9d3f2e49190a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 07:43:00 GMT
x-content-type-options: nosniff
age: 114705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Nov 2024 07:43:00 GMT

GET
H3 200 Mazda_Garantie_1.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 1 KB
1 KB 27ms
24ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/Mazda_Garantie_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4342920873fecf1f150506595bff096cd9da74cc85cec0155d921743369108f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1478
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 3 KB
3 KB 24ms
21ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d36bd6be3a36cf625b7a4cab8bc75059cfb55cd9fd4ca16e301f5b6817dd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 134B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1

43 B
776 B

28ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXLTb6eW58hrStebUWZfhSk6KtbIvNKfzJGJ2dnSkn9HBXbzveCT_w3SFBX7WLk9srl_sy1sZk281gu9LT4V9YxLGu8RhEmSZ8RqVQuofyDj36bfHrNhkFWTPBJVCX24ESK_IjWh41cua9way4cjmcJKl7oaGb7Fvco7s7IMVCoLDvOkrE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1jce17U2JJiohwZeLxaAQWZsbO%2FkcP12S7Kl82MXAdkc%2BKCv27h%2B5B1eGPaTQ4%2FOXWxh%2B5ZeruC6DIZWKdLZBNAs62OD0B6FiPe37H2Ykt2TIu%2F%2B9I%2BtDmDA%2Bfy7FQwWcBi9rdQV7vH9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8226a4681cae9211-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 134B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUpZFSt36TtL.hRqFKR0zQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1&google_hm=2

43 B
741 B

23ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXLTb6eW58hrStebUWZfhSk6KtbIvNKfzJGJ2dnSkn9HBXbzveCT_w3SFBX7WLk9srl_sy1sZk281gu9LT4V9YxLGu8RhEmSZ8RqVQuofyDj36bfHrNhkFWTPBJVCX24ESK_IjWh41cua9way4cjmcJKl7oaGb7Fvco7s7IMVCoLDvOkrE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQRVwFqxrM%2BGQFG%2FL8gf9sqUEhMymrZ2jaCzgJq%2FY0stT8xn%2F1R6X8qzsby7w5Dy%2F9%2Fl%2FBtEwfQB85Z4tImhHGFr59R5xvxxGKkTGqqJH23JEtXHCNjCmVt9QUY00vsddJHoe9bXnzoxqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8226a4684cee9211-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENa-mppBhlIzqb1aUX7ylzw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 134B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIXW_7eo3_OeSAN9UEYkx0M&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIXW_7eo3_OeSAN9UEYkx0M%26google_cver%3D1

43 B
891 B

16ms
14ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIXW_7eo3_OeSAN9UEYkx0M%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXLTb6eW58hrStebUWZfhSk6KtbIvNKfzJGJ2dnSkn9HBXbzveCT_w3SFBX7WLk9srl_sy1sZk281gu9LT4V9YxLGu8RhEmSZ8RqVQuofyDj36bfHrNhkFWTPBJVCX24ESK_IjWh41cua9way4cjmcJKl7oaGb7Fvco7s7IMVCoLDvOkrE

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
an-x-request-uuid: 49584ead-8e7c-4f4b-8c8f-9d897da1c85d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.247; 37.58.58.247; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
an-x-request-uuid: c15a2a5c-2f9b-4fc7-8cb6-e96815c0cfcc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIXW_7eo3_OeSAN9UEYkx0M%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.247; 37.58.58.247; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 134B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDc5MzA3Nzc2NjgwNzg4MA%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDc5MzA3Nzc2NjgwNzg4MA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
an-x-request-uuid: 3d94fece-9229-4c9e-9e4f-e31d7e23ae8d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDc5MzA3Nzc2NjgwNzg4MA%3D%3D
x-proxy-origin: 37.58.58.247; 37.58.58.247; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C7D 0
19 B 64ms
63ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL25fFFlKZbPQHLCJwuIPurylgAap9_vAc9Xd9ouCEsCNtwEQASC9lLmQAWCVgoCAsAegAdO1-vwoyAEJqQKWnbqM8fexPqgDAcgDCKoE0QFP0PQijJiOj0pCwo3pnhs3OAD1Ldr5Bz3G8ZNXbcahCKyAggXq6D-drhikpW2WpMsQR2OmbQxVAvEoqVEnvG4nHESjqcBDjuLU-D0KWXss73u8YQzcv70sbEKqkdVQbNmihkZ_OIaKme3sZmOs_ykn0I3qqgcozQqz3aofTM1EWRs1fKg6YgX1UvKzJb51QxeE7p-JTKYGqDQXeGMFid2IsYXFfOApdfe9L6PEWWfU-L6vs7Gehr87ljMp2fm2lf7Uo7s9Fu6fCGhRz1CZhevXpsAEyveKrMMEiAWZh5v1TJIFBAgEGAGSBQQIBRgEoAYugAfT7crcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIyFGNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCUFodHRwczovL3d3dy5mb3JkLWx1ZWNrZW5vdHRvLXJoZWRhLXdpZWRlbmJydWVjay5kZS96aW5zLW9mZmVuc2l2ZYAKAcgLAaIMDCoKCgjktLEC7rWxAtgTCtAVAYAXAbIXHAoaCAASFHB1Yi00OTIwMDA1OTcxMzY2NjkwGAA&sigh=KMLi0wzjZd8&uach_m=[]&ase=2&nis=5&cid=CAQSTgDICaaN7_bpUw5J0ezKEv7zBEzx08NVpYu59FzJ6ybRl0zmmxYy2MHEcWT9IBWjbX87M90njHYM7pK9yGg7NR6hpFW-y45ynB39w6_AkhgB&template_id=419&cbvp=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=2640395293&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284074&bpp=2&bdt=688&idt=352&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=2961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=63rSqA3V8H&p=https%3A//autobypayment.com&dtd=358
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Nov 2023 15:34:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 18B1 14 KB
1 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 14:24:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 18B1 2 KB
835 B 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 14:05:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 18B1 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 13:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 13:53:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A41E 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 18B1 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 12:43:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 18B1 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 13:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 13:56:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18B1 190 KB
60 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:34:45 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 18B1 36 KB
15 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9232 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4693597932785&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9232 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4693597932785&version=m202309260101&ct=77&x=1&cor=4069074573714215400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9232 30 KB
18 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnYESGj1RN4c42QD3-KvKjVytygheMHxk8KzLIea4dIUqsJj8O61MkN_WBpGEeNJzO_r_Xd9ra38LMduLfRi-sc4QaV4QceoJty85mI2wzCjpyrEmwPsP27h4Y1m8aVbWTnzVsoenVaBf6lh4ygHAE4hGyEUBwpnw5HQYkUhs1VS2EgbM&cry=1&dbm_d=AKAmf-BuMV2yxtXtKoYyzvwc6WzgurPffC_AbosfnGNZ0iyJYVdTqfDgGjvN1GE3DZNCqrv6_1sUbAf1ch4nT8O-gLn4knlvGutWLgvqY74VU8fKZLoXYo_1bqQXnBCkvbXTtjYZD4lsMNbJ-4TFDMiz5-PSLS1ErnxzAlt2E_deK5T1kwIL-CUe30XHP6EjoNJhD7r2cNdg2KdxgjnMvy5MFLB5uDapdHOGEUVKroIs_bqd1zDzmTTN94E9hTe2p6RKBX_hs94chWxBajv-gxHpxBYUUSbfQs9-uH5gj27L0otrK2IIP2Au5HmvEIk4u2hTZgwXxAwTVUbX17kbYZBTytdPuIK5HtdDuYVp1I7mHyn13UPkULUg6093xf-JaRXRaooR8jiIBAZ6LGSsAThE1-Z5C4qvXsp-mDtT0JCDrSFP9nFdE--44yxNYgY6hRkgyGiAu6tWqeLV_Un3cm1NxUcSYa8uZdt3uESj7VpYkC36XMwBvVFNrYqx8ZtqL-4vSnwueSf0Vf03izovBlFcmgieBuTiGnn6DvA8vL8iwcTjVcYkiqbOhp4MgrRpsMOceACR2HkvlGbqFKcZdRV-tKTK7sdEjtTFi1pRzSg1nBruZMtWcdvGvO3SMhuNaRtYYzMh_WAUunj74QA8FLwEMyrS8OpIKa4Cn6J4aWcCR7mcAQll0FIkSsbgqBCg5BSqodYoiUs0rv3U3fUibWlEz0VXkn8GKVB4ondTiNGQWAKn_NmtUUdEJiA0gO-YzU32QPSkqAGM3ytCkLzI3ysJu5Mf-Ob_jHDNvfU4YtQSaRpVGeOnKBzw2qJ4E2oH1Qd29Jg8XsabkdsoJide13pimrbjeIaY7jCGR7lCCdbz6LOYsOUIFy9OrJlB0SeakzwlnXH5LM_L0ofr0XnujQo9JMTLPnmeX8Y9-g_VE3Y0eOjn1_-_4yKhdvCbFlhU6ZOoN3Cr_si2FayU4R96Q-PG8KKXWkuQXg1ONBJ0t23hqazhnqrrDywEakevSARmnXyxm9cA3AIuE3Zt-KdRC1y_5jBNePlgCMZVtDgRz-ltDF85iMvWGotWVQKoJCcNukqcpaCdmCVYJj-JX3zbIOdn7QFlrsOv7vRkg_HyVu3hf6l5_Jf1XkeHy0W8_7QA8ihFmwm8zJM2fr4SYUAw-dMnf8NMJ9k0uSiGDw8AC6n4V_6qkEJkgWvnS9yJylTvnKB4jykyTYcZmrcRMui9iM5sg2IpLNQiRuB8eBTGMSbPPxJapoJqFUwtc3DTELW4AQVZ-FDfXeFWzKiiSy1OsbxYb601dZ6My-7-E1e0S35RouasciQShp_YVv9AYAlQDNnjFLKcnFQgtCE0OD2DyxAvjsgBFKlLVYJeCx3ES5s90GlHV4EYbnGl9Iodm3Zbn-1wHVSw2VXIpmbmGr092I5CgrDz6OXmLGZ2s4Sqp0ROb_Hc1j4GcGE6uhC3R-K7VBu7mXmhHnCOCn_ZUF1jJN9zCkidHXqva-TlxwoHBfOpe1QMfFlxTX-p2KiG4Mx-Mwe-kTXAczA9GqhzrhFmqrQ2Msx5UId0AYabrzglzarYPU69zvSJ6LjpB49U4EsCOBNNo43NNfZilsF61Qb6wFWRK6irlwzNAoCuW2Gd0x2pJTPbxsD-6_asY2J7FgjOXPbrEvYtBLWM4pVnJ4dKE5ZI9MtpftwzJnq3x8wXthHUjcuWh-dN-sFkSpCm5bY8vR1HN-vFUJ08nvaDB-dsZdCJtoVlpSOczSs6HIgv6LoVOzh1KmdWMVUJ2ohKeg1cjMPBpHSnOEcup-f46LJ6QHGpt9CRDamWvWiqDtZBcZbMACSXYHGsQA6hiEaQGO4LBpJ6S1ErSBNcGA9dNTx62bSSWBfP9EtSqXTR6fNP83Mldn__xNR4A3XyAcqieqsidCgSH2Ws1RHzxM_CILmW_xBPCQid88SjE2vWzuYD4CnsWBXA0R7FxiXNMG9vUmeukoVF5FvfSGPEF7SNiAE4VAgEwBBmk3Z02fSjjwiTGTkc21gBPwH77Sy4lS7XBbgiwWgLN8OHgruUc5uWZ3yoSOjYbzLuC758eUjlE9CvwF3k3kG4e5omQmqQL2QgMTuR2Y8qvY9zZp_dMeUr56s04SW2YwdX73tuqyGA8zMN6_3-PT_mpUZdpVyDnDV5XF-_6J4UHHUjI7RibtIPTnBYiL-lxufIo41ECYuOFERgsxXqfmFjHsZjHr81MtWhkNH8jp8HlcSyoXptU8Mx5x9BTa_rrBuj2ojJT_gwQ28MfUvC424T4oT02hb3XgiLiyCKVsjvOhrvCV9j1aBLS5tlvc1IU9yjQD6o1qcRIlIra0pSiC-GQVCjRdy6EpwrmyRQsWGXfok79o6eHdKmqXK5wQ0-ZDtdubqyHpkP-QCVZzzxCf623takwb1FQ5G7_Uv9ucFztWgvVv2aIKB4Ih-4aOvsqVc_NaAAQ5jd4SZh5DKJkzHxiIqDC1gzpxVe0VRHGTTAtvxRkFvPL90TDZoefpEi_gFs6HT0AvEY1erFDmKX5TFuM2YtjTNA48n-XdIHhCXvpLo-23ZA1oPLFfGhqeUrA-lhi2xAcOIIinpHgp1IFLZTRWhVtk14SK9elclcUkWS8P4McjHB4a_J1QvSskegUrOcxaHTAXllwXdaNuz4Od9mHTGEwp0mhxN-jEuANmiIojXDYQL0u6m4EqTi3xPZsZe4NEBqrb8PSBE68oSVavT6LWiRMvTPRkvF6AL7fHBTPo0z8nTolifv3a3dSpqUve732nRDrmj6weo7T4xf2FCbTULzWkZh9nkZYk73E8Z1zRBeNTobsWZO9kdjkbsEj9uQLnoWMt8saV7s2KIFyPnQPqU95aLMrCJpdLf_TAlHfVGIh1oihMgAubd3VSqMXIkBbhKfBPk43hE-FyA9u6HwC7M1dkAnNPQ8DXos_Kwy4PzUsUIKHWmuZgpCf4zAw7r7nC99qZGOnfckcroZE0YR_kOT31Fon7tkjOBuWH1QVRbvr_If1HdEav1jiEa3cYgFjDG3zfD9NHMzWBaDywjLSzMf0JH4P-s90ispm9NrNVOknuzFl_yQVaRE2OICmgFhdssHhCzYnWxr3NpJ-BVhoNY5Hk17ELwwB6S1ERy7i_Log7iDlBTOKkC_-qdu0fnH89Qrtif_ev8w5E0x18gScOQN_uVfKAR6n-cS5346kQ8reJJieUGGEJMjcZdFvJ8Igvct1j2AEPTtpLI-WmIkLzaghaaXbC31q83eepLs_o9iq-51xiqYIsLQM_4UFnLtGX_yncNx-c341iFDI2pvVS5-E3m6g4wYpuKvqDohUDLgEA9ZSaULrXYzBioqU4UXIHiOKGDQ_Fw8kTx_y-7pCtKnk3Xo7TGKHUC-WJO02LAgc_NDUHwVCkl6_olXcmX27ppo1puTOT6Uol3sEuWBudXNhGjcDkJFsgHx2vGTFimn-gFkW1mZTBQ3vkq-GH9ojwjW7MXhT7ArinlmwG0BXjhkqdnHkiPbdL12ZYWswDbKszG3d8A90-9Fr1zrzqf-zvKSA2B1yLDeJRY-yS1kaJmulxRnghB_BW1ZtQQiuP40hb2cuGClayWKt0dQC5ne9i-DdTxutZS7nO94tM2EP8rZVEcSaU_i9bAFivbEeB2r5B7muLooh8AFuvXabYUj9bg_I13JZGbqvXU6ZEjsUfJWLSIxoxKKarDSBfD7arDzrl68&cid=CAQSTwDICaaNmjEoffmPaRBR4DqwohGOlq6HlYB1B8VfF5GpbTfjMV_wiLJ8y7OWteprUaw_Wjk6ucg0u_38k3PjtYSqSMVIVZbDYBfI4Wv-bGAYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fautobypayment.com&ds=l&xdt=1&iif=1&cor=4069074573714215400&adk=1877897943&idt=86&cac=0&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5035149445b75003e2a807779b27cc58c922b5f621c097d705c6d6ed753c2594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A41E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:45 GMT
expires: Tue, 07 Nov 2023 15:34:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 15:34:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 9232 31 KB
12 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnYESGj1RN4c42QD3-KvKjVytygheMHxk8KzLIea4dIUqsJj8O61MkN_WBpGEeNJzO_r_Xd9ra38LMduLfRi-sc4QaV4QceoJty85mI2wzCjpyrEmwPsP27h4Y1m8aVbWTnzVsoenVaBf6lh4ygHAE4hGyEUBwpnw5HQYkUhs1VS2EgbM&cry=1&dbm_d=AKAmf-BuMV2yxtXtKoYyzvwc6WzgurPffC_AbosfnGNZ0iyJYVdTqfDgGjvN1GE3DZNCqrv6_1sUbAf1ch4nT8O-gLn4knlvGutWLgvqY74VU8fKZLoXYo_1bqQXnBCkvbXTtjYZD4lsMNbJ-4TFDMiz5-PSLS1ErnxzAlt2E_deK5T1kwIL-CUe30XHP6EjoNJhD7r2cNdg2KdxgjnMvy5MFLB5uDapdHOGEUVKroIs_bqd1zDzmTTN94E9hTe2p6RKBX_hs94chWxBajv-gxHpxBYUUSbfQs9-uH5gj27L0otrK2IIP2Au5HmvEIk4u2hTZgwXxAwTVUbX17kbYZBTytdPuIK5HtdDuYVp1I7mHyn13UPkULUg6093xf-JaRXRaooR8jiIBAZ6LGSsAThE1-Z5C4qvXsp-mDtT0JCDrSFP9nFdE--44yxNYgY6hRkgyGiAu6tWqeLV_Un3cm1NxUcSYa8uZdt3uESj7VpYkC36XMwBvVFNrYqx8ZtqL-4vSnwueSf0Vf03izovBlFcmgieBuTiGnn6DvA8vL8iwcTjVcYkiqbOhp4MgrRpsMOceACR2HkvlGbqFKcZdRV-tKTK7sdEjtTFi1pRzSg1nBruZMtWcdvGvO3SMhuNaRtYYzMh_WAUunj74QA8FLwEMyrS8OpIKa4Cn6J4aWcCR7mcAQll0FIkSsbgqBCg5BSqodYoiUs0rv3U3fUibWlEz0VXkn8GKVB4ondTiNGQWAKn_NmtUUdEJiA0gO-YzU32QPSkqAGM3ytCkLzI3ysJu5Mf-Ob_jHDNvfU4YtQSaRpVGeOnKBzw2qJ4E2oH1Qd29Jg8XsabkdsoJide13pimrbjeIaY7jCGR7lCCdbz6LOYsOUIFy9OrJlB0SeakzwlnXH5LM_L0ofr0XnujQo9JMTLPnmeX8Y9-g_VE3Y0eOjn1_-_4yKhdvCbFlhU6ZOoN3Cr_si2FayU4R96Q-PG8KKXWkuQXg1ONBJ0t23hqazhnqrrDywEakevSARmnXyxm9cA3AIuE3Zt-KdRC1y_5jBNePlgCMZVtDgRz-ltDF85iMvWGotWVQKoJCcNukqcpaCdmCVYJj-JX3zbIOdn7QFlrsOv7vRkg_HyVu3hf6l5_Jf1XkeHy0W8_7QA8ihFmwm8zJM2fr4SYUAw-dMnf8NMJ9k0uSiGDw8AC6n4V_6qkEJkgWvnS9yJylTvnKB4jykyTYcZmrcRMui9iM5sg2IpLNQiRuB8eBTGMSbPPxJapoJqFUwtc3DTELW4AQVZ-FDfXeFWzKiiSy1OsbxYb601dZ6My-7-E1e0S35RouasciQShp_YVv9AYAlQDNnjFLKcnFQgtCE0OD2DyxAvjsgBFKlLVYJeCx3ES5s90GlHV4EYbnGl9Iodm3Zbn-1wHVSw2VXIpmbmGr092I5CgrDz6OXmLGZ2s4Sqp0ROb_Hc1j4GcGE6uhC3R-K7VBu7mXmhHnCOCn_ZUF1jJN9zCkidHXqva-TlxwoHBfOpe1QMfFlxTX-p2KiG4Mx-Mwe-kTXAczA9GqhzrhFmqrQ2Msx5UId0AYabrzglzarYPU69zvSJ6LjpB49U4EsCOBNNo43NNfZilsF61Qb6wFWRK6irlwzNAoCuW2Gd0x2pJTPbxsD-6_asY2J7FgjOXPbrEvYtBLWM4pVnJ4dKE5ZI9MtpftwzJnq3x8wXthHUjcuWh-dN-sFkSpCm5bY8vR1HN-vFUJ08nvaDB-dsZdCJtoVlpSOczSs6HIgv6LoVOzh1KmdWMVUJ2ohKeg1cjMPBpHSnOEcup-f46LJ6QHGpt9CRDamWvWiqDtZBcZbMACSXYHGsQA6hiEaQGO4LBpJ6S1ErSBNcGA9dNTx62bSSWBfP9EtSqXTR6fNP83Mldn__xNR4A3XyAcqieqsidCgSH2Ws1RHzxM_CILmW_xBPCQid88SjE2vWzuYD4CnsWBXA0R7FxiXNMG9vUmeukoVF5FvfSGPEF7SNiAE4VAgEwBBmk3Z02fSjjwiTGTkc21gBPwH77Sy4lS7XBbgiwWgLN8OHgruUc5uWZ3yoSOjYbzLuC758eUjlE9CvwF3k3kG4e5omQmqQL2QgMTuR2Y8qvY9zZp_dMeUr56s04SW2YwdX73tuqyGA8zMN6_3-PT_mpUZdpVyDnDV5XF-_6J4UHHUjI7RibtIPTnBYiL-lxufIo41ECYuOFERgsxXqfmFjHsZjHr81MtWhkNH8jp8HlcSyoXptU8Mx5x9BTa_rrBuj2ojJT_gwQ28MfUvC424T4oT02hb3XgiLiyCKVsjvOhrvCV9j1aBLS5tlvc1IU9yjQD6o1qcRIlIra0pSiC-GQVCjRdy6EpwrmyRQsWGXfok79o6eHdKmqXK5wQ0-ZDtdubqyHpkP-QCVZzzxCf623takwb1FQ5G7_Uv9ucFztWgvVv2aIKB4Ih-4aOvsqVc_NaAAQ5jd4SZh5DKJkzHxiIqDC1gzpxVe0VRHGTTAtvxRkFvPL90TDZoefpEi_gFs6HT0AvEY1erFDmKX5TFuM2YtjTNA48n-XdIHhCXvpLo-23ZA1oPLFfGhqeUrA-lhi2xAcOIIinpHgp1IFLZTRWhVtk14SK9elclcUkWS8P4McjHB4a_J1QvSskegUrOcxaHTAXllwXdaNuz4Od9mHTGEwp0mhxN-jEuANmiIojXDYQL0u6m4EqTi3xPZsZe4NEBqrb8PSBE68oSVavT6LWiRMvTPRkvF6AL7fHBTPo0z8nTolifv3a3dSpqUve732nRDrmj6weo7T4xf2FCbTULzWkZh9nkZYk73E8Z1zRBeNTobsWZO9kdjkbsEj9uQLnoWMt8saV7s2KIFyPnQPqU95aLMrCJpdLf_TAlHfVGIh1oihMgAubd3VSqMXIkBbhKfBPk43hE-FyA9u6HwC7M1dkAnNPQ8DXos_Kwy4PzUsUIKHWmuZgpCf4zAw7r7nC99qZGOnfckcroZE0YR_kOT31Fon7tkjOBuWH1QVRbvr_If1HdEav1jiEa3cYgFjDG3zfD9NHMzWBaDywjLSzMf0JH4P-s90ispm9NrNVOknuzFl_yQVaRE2OICmgFhdssHhCzYnWxr3NpJ-BVhoNY5Hk17ELwwB6S1ERy7i_Log7iDlBTOKkC_-qdu0fnH89Qrtif_ev8w5E0x18gScOQN_uVfKAR6n-cS5346kQ8reJJieUGGEJMjcZdFvJ8Igvct1j2AEPTtpLI-WmIkLzaghaaXbC31q83eepLs_o9iq-51xiqYIsLQM_4UFnLtGX_yncNx-c341iFDI2pvVS5-E3m6g4wYpuKvqDohUDLgEA9ZSaULrXYzBioqU4UXIHiOKGDQ_Fw8kTx_y-7pCtKnk3Xo7TGKHUC-WJO02LAgc_NDUHwVCkl6_olXcmX27ppo1puTOT6Uol3sEuWBudXNhGjcDkJFsgHx2vGTFimn-gFkW1mZTBQ3vkq-GH9ojwjW7MXhT7ArinlmwG0BXjhkqdnHkiPbdL12ZYWswDbKszG3d8A90-9Fr1zrzqf-zvKSA2B1yLDeJRY-yS1kaJmulxRnghB_BW1ZtQQiuP40hb2cuGClayWKt0dQC5ne9i-DdTxutZS7nO94tM2EP8rZVEcSaU_i9bAFivbEeB2r5B7muLooh8AFuvXabYUj9bg_I13JZGbqvXU6ZEjsUfJWLSIxoxKKarDSBfD7arDzrl68&cid=CAQSTwDICaaNmjEoffmPaRBR4DqwohGOlq6HlYB1B8VfF5GpbTfjMV_wiLJ8y7OWteprUaw_Wjk6ucg0u_38k3PjtYSqSMVIVZbDYBfI4Wv-bGAYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fautobypayment.com&ds=l&xdt=1&iif=1&cor=4069074573714215400&adk=1877897943&idt=86&cac=0&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 17:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 17:13:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9232 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 06:26:22 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 9232 43 KB
18 KB 145ms
41ms Script
application/javascript 65.109.98.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.98.107 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.107.98.109.65.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Tue, 07 Nov 2023 15:34:46 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Tue, 07 Nov 2023 18:34:46 GMT

GET
DATA 200
OK truncated
/ Frame 9232 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b34357bc23297846f7a97fccb2353befbbca3dcaaa0a03a89dea4b12e4cf64d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 img01-04-06.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 114 KB
114 KB 14ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/img01-04-06.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d04b7032a1624d09fe101d725d1692c8f12483e970ca2b35bbc3af06200f5001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 07:43:00 GMT
x-content-type-options: nosniff
age: 114705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116394
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Nov 2024 07:43:00 GMT

GET
H3 200 text01-06.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 3 KB
3 KB 18ms
16ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text01-06.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b34c766b13b52b7f71e55ff81603016b6284c3443d1355a106de956de82afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:29 GMT
x-content-type-options: nosniff
age: 448636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2912
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:29 GMT

GET
H3 200 img02-03.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 187 KB
187 KB 18ms
17ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/img02-03.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e3433a89abf2b065de00284e62b967f27566784463e953916d28422aa4a5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191147
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 black-frame.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 18 KB
18 KB 24ms
22ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/black-frame.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c99237462fbf5c1360bfabfacef0455d88e792841a42654df2e7b1eacc60c761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18460
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 text02.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 2 KB
2 KB 25ms
23ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text02.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21da843ca7f2dc645c1b9b7eb277aa017735c8eebbd7ac1b5480d887a9cf7e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2261
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 text03.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 2 KB
2 KB 25ms
23ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text03.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d853a2632b6cb14f6eb40de17b940973c45fa01a5639f1eee691a10c28cc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2098
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 text04.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 3 KB
3 KB 25ms
24ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/text04.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b56940e38fe6e1009a22f228e3f45338f81dc01681a1688eb7bffbd6afe23f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 09:06:14 GMT
x-content-type-options: nosniff
age: 282511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2959
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 09:06:14 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 602 B
632 B 25ms
24ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a033a2c80bc18f242ce4e27d2ca1896db22d80687b248f8c6a9d3f2e49190a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 07:43:00 GMT
x-content-type-options: nosniff
age: 114705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Nov 2024 07:43:00 GMT

GET
H3 200 Mazda_Garantie_1.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 1 KB
1 KB 25ms
24ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/Mazda_Garantie_1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4342920873fecf1f150506595bff096cd9da74cc85cec0155d921743369108f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1478
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/16871138330708016584/ Frame C8A0 3 KB
3 KB 28ms
26ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16871138330708016584/logo.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d36bd6be3a36cf625b7a4cab8bc75059cfb55cd9fd4ca16e301f5b6817dd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:57:30 GMT
x-content-type-options: nosniff
age: 448635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 09:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 10:57:30 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 06D3 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 119304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:26:22 GMT
expires: Tue, 05 Nov 2024 06:26:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame 666D 50 KB
19 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Host: autobypayment.com
URL: https://autobypayment.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 06:26:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8A0 0
19 B 63ms
62ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgu6zFFlKZau3HpXztweYoqWICdTS-e1z0YPv76kS1vqev0QQASC9lLmQAWCVgoCAsAegAcfw440DyAEJqQIRSRq9MOqxPqgDAcgDCKoE0gFP0GrsjfjdG9hZ4h4NekYeTbScH0LoO7EwsT0x-wPsFoKza75EjCTgLuynaOPO2QcUao1rXQbU3oirm964z3ruCYLr-mNgS9cQFhsqDmrNLagUAqQ_Zf_xZdmT5ukD94ySLQm45k2YeB-ILEfToqUfaojOdwAe2SJ47P4EzID81DS8K39BpjSe0Pi1K-YVhuizFGnU3oV-gC6yj0j9nQ7VwlJ6OLBE1QceqVbDjPY9CEG3GH78RAyaTYIOP3xvCIbdUZQtwcpJ6gH0YNziLTr2rPHABNfBkafMBIgFp7nrk02SBQQIBBgBkgUECAUYBKAGLoAHz4CjcqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELHLJNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCXJodHRwczovL3d3dy5tYXpkYS1hdXRvaGF1cy1sZW56LW9lbGRlLXN0cm9tYmVyZy5kZS9iZXJhdHVuZy11bmQta2F1Zi9hbmdlYm90ZS9ha3R1ZWxsZS1ha3Rpb25lbi90ZWNobm9sb2dpZXdvY2hlbi-ACgHICwGiDAgqBgoEtbixAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi00OTIwMDA1OTcxMzY2NjkwGAA&sigh=asHowbMXCMk&uach_m=[]&ase=2&nis=5&cid=CAQSTwDICaaNXG1jEsJImKaxLbJ7xZwjprfBXUI2Ofx0Mm3fKFtjBzTSjdHhKylkFafHNnvd1FdU0IaGXS9PkPEkMY6wG4rIGPujpFbhN4drSs4YAQ&template_id=419&cbvp=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4920005971366690&output=html&h=200&slotname=6064643720&adk=3870214829&adf=1570782675&pi=t.ma~as.6064643720&w=1078&fwrn=4&lmt=1699371284&rafmt=11&format=1078x200&url=https%3A%2F%2Fautobypayment.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699371284076&bpp=2&bdt=690&idt=368&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1078x200%2C1078x200&nras=1&correlator=290411673269&frm=20&pv=1&ga_vid=174434805.1699371284&ga_sid=1699371284&ga_hid=1616169365&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44807455%2C31078297%2C44807754%2C44808149&oid=2&pvsid=789430719163929&tmod=1389726503&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6D3bUMufSs&p=https%3A//autobypayment.com&dtd=383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Nov 2023 15:34:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 06D3 38 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 12:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 12:43:17 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 9232 20 KB
7 KB 84ms
25ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:13 GMT
server: ECS (frb/6727)
age: 452
etag: "64e381d9-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame AE42 2 KB
1 KB 76ms
24ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 318
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Tue, 07 Nov 2023 15:34:46 GMT
etag: "64e38310-744+gzip"
expires: Tue, 07 Nov 2023 15:44:46 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 tag236615 Show response
ads.revjet.com/ Frame 9232 237 KB
38 KB 57ms
57ms Script
text/javascript 65.109.98.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236615?_plc_id=111756833&_key=a27&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmpzMFFlKZYr0GpuOwuIP5beLoArK2c34c4z_hofEEaLO5NzFPRABIL2UuZABYJWCgICwB6ABuayQiynIAQmpAhFJGr0w6rE-qAMByAObBKoE7wFP0MP3LKi2769PVXGJJvYSiL0gjgOLkTEWcja89ztG5kjsJeniYPfhEZFcOqiVyZfkfO2ItCKGxiYznLlAYk7EYCizSv40kXkmI4ktyL9ova6BqxAW8ZgM2xb2o3LCcI7AYVFh2E2KKzqJ5gAnKtxnCkUTUdtUiuAqDlMhSz4cK2CRwUAkTzLWVmsKaK883EkZqi-boqx5QyNMUWhlpAUL03PquFc2-otdv3Y3BY8VBfgJSNItjp508xpVOnIJ0bqas-Ulc99TF5cS-lkI2th0jbFOLSlv8LSK_Np4BMBs0RA6ItjV9VkFC4je9Wj6vsAE4N2Iz7oE4AQDiAXMsuDTS5AGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRFsBPBvKsV2BMNiBQF2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNmjEoffmPaRBR4DqwohGOlq6HlYB1B8VfF5GpbTfjMV_wiLJ8y7OWteprUaw_Wjk6ucg0u_38k3PjtYSqSMVIVZbDYBfI4Wv-bGAYAQ%26sig%3DAOD64_3Omh39Zx1SWk-CJWm3ayEMUJsIBA%26client%3Dca-pub-4920005971366690%26dbm_c%3DAKAmf-COSc6BdCUlaJs5N94Pyg7wTuJEyV-c6ui-ywfnT8jGkY__G2zKkguwWLdnEPQZQKhZvF9ATmjOzmm5cMDNT-R6mgKC4N5Q16Sk-ddw9bK57QR684LL6B0lwF2YwjT9Vn19R9liKT68Qo8-LbEAh_rRa-AtSsRG5nKMlOEoIIwoQXIIDKU%26cry%3D1%26dbm_d%3DAKAmf-DC6bfE6UIUCLGK7nS4LS1MzyGsXcUMAuhdopGxnCYnYI6FZvEBKBkJ-VMSWFDjIl_07H2RWsKspC3PwS8iwvJ6fxkAG03cGFpn-VdfNYFj8KSz8A_qEjpC7yUhGyIorp7qxqDhAIAid2fvMj2VEMwF4ldAz-HJ7L5EJTGb7wBbwzk-6b3Fyk4tDephSEda1dYLOiXd4CJv_k6Qg8okkbWjeYjqk7XcyleEY8yRwMlLIR0hpIrkO2C8tR_T7xCojs5lC4OpcNN9zA95sWbbWaqMnFj4nvgNf9UVs0nHQAyHKS8QdSlCcnD864j8DE1XbJLBmMs3JehPSliZzY--j7NJYWejnr49SyiAR78-q2M0GVd0XcI_65eDsdfZup5INyU6f9kW4Sw2sJ-yA9cyvZmtF1SALlCxQ_WsqAcLc5o4vBZk6zoUiYrJTGx4Y1Ui2lWX5uCDYQMI6qOeYk0GxWvjMfcx0hFU-bOaYvlyOBVjhz2e6VTIZrLtd8WCsYwQ6S0b6MakjZv04F9c7pcPw_3pbC9hIDKn_SGz9WVX4SnKS-vkNyM%26adurl%3D&dv360_cmp_id=20308302156&dv360_li_id=1013245245&dv360_crv_id=467097573&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231102%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-4920005971366690%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D4%26xpc%3DzYeHW2Wjqt%26p%3Dhttps%253A%2F%2Fautobypayment.com&_js_site_ref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231102%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-4920005971366690%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D4%26xpc%3DzYeHW2Wjqt%26p%3Dhttps%253A%2F%2Fautobypayment.com&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=f09b10fa38ca7d04ed5f_1699371286262&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fautobypayment.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1699371286276
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.98.107 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.107.98.109.65.clients.your-server.de
Software: nginx /
Resource Hash: f3fa060f6f16ad6d13161c8bfaf3a4b0e37161164c8140bf128ba7c0c73fb9b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip54687
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 06D3 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bj1OHFVlKZfbIMJKWjuwPuMe7uAcAAAAAOAHgBAI&bg=!-_il-LfNAAb4oU7C2KE7ADQBe5WfOGdlrfECMRvQUx1msThhyiHSKe2ymX98Ja0g_AM3iwYD1_238zYSud954L__MxvAAgAAAI5SAAAACGgBBwoAKz7lZzYI88_zqKTWJqPFbXAkX3KmpQCThq1m7ZBYsU4blTBSJc8GBYUkYYqZA0NI8l4t-ulMhfII8owMiFcXz7N3zRj2Nn2JlOILNPVdTbV4lak-G0yQSgK5XzCCHWgPc3mNnUlkt5XVGas-OrQgPwVTjSotWU48CLeLWrapLrsJW67nHGbFtrEk7jFYwnCKVva_7KObikU-QW1Ia33FfyO6V2HXHisE6zHjM-wsjHkMJMWynrvncprYG00arN7HIbJBrJ9HowDcKSgacikSceScnceyp3rGoas2gbPe98Qa2bzWO9G1ogdCkrRW02S_Sgx1ryC3TP3QcryMDzAT1OaXrMPc5YgdJ1vGvdiHC3vRHE6NdXrZfTKxEFptfEvaGNUYNdbnCsNIOtT3srUY-AzoIkSqCy4WSmIkEvRbzQy3mqvCx9DwVpGZES0kTVx4oAaVYnvXuiTatYonlhYU8iLi9aDwXLTykJsH3jIv-eKHnbxkKB8HkhSXZLtQDRsVvo7q22jbL-kahrZBjwuFYdTbGLuqhrfnSU-2PtH_StJ1bOUR_HwxOCdtj1o8lT6j3cItChQ2f1lD0JMPYIJqOvxJzQHbvqJC8b1PkE3e_t6yZQDJ4B5W25BegY7tqrdlo1a13sMU5F0qNzXYQHa3fu2DlDWhGoGgXop-eckDWytnp2fjuzx-QJY3R_MVATXRHVjmjlapUZT0q1hBz6OWfrKnfHsoGZr5ZvlgIsysID6-o2RV1Pz8EDpPTgeLRJSR8oxnGxIoSTnWnL2oj8REqnObPpy295Mk3_gooOUC1T1TRFyI0PIX1Ud2lekfBo-7NEGX3w0MjLngM0IEHmFdvDrm0bXO3uLKRJoBNRs6BgQ9g-n30DmvZUJ1bZvVg5-MceuOKZxYMHfc2C0jMjux6UjDYMrvhfmskUeVei7taQXTD1E09NHjPfSw7lHCs_70thsR7rzysFmR-R25EflmvR6yCmEqpBt1FhN8MJYk8zqIsFiT2MC8roFYJqQQA85Lhmpt1x8zt0wIxX9RRPSljXIKh5QITFg0V2lIbn0ziLy2l4EBccpYZM5t7HO15nz8DZjmBfxoZarbgcq36qKkZbAtCvrKRINsSuz0afnSrkincTs0yKfRy3R3jiYmakJOHDfpe8sJHH3FN_b9sNLLWaeh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 561F 167 KB
50 KB 38ms
8ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:13 GMT
server: ECS (frb/67BD)
age: 74
etag: "64ecabf1-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 561F 43 B
171 B 153ms
44ms Image
image/gif 95.217.105.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=b79e6a1425f521343652a713e3fba940&__adt=8240603765886436541&__ade=1&vid=5092717973276983068
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.105.250 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.105.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 15:34:46 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame 561F 33 KB
33 KB 14ms
13ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 67329
x-amz-request-id: 6XWCCC5JJQG4JRG3
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: aXStGpiv6eu83M1WbBj2LqtAvxcsyLgljlk4F7bIewMMa5kDkKsgV5wX/cLX7D2atU1nItZrOGs=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (frb/6712)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Wed, 08 Nov 2023 15:34:46 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 561F 56 KB
15 KB 16ms
15ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (frb/668C)
age: 464
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 561F 3 KB
2 KB 16ms
15ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 67563
x-amz-request-id: 4BJBFCS7VE1D6NRW
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: BLR5TutgB3YByerBCXfbMWMDGnuSmWvt5pKrA6plZFhSvgi+Kw/rD1aEkYM0ys3qwdrXXH0dkeM=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Wed, 08 Nov 2023 15:34:46 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 561F 632 B
628 B 17ms
16ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 67747
x-amz-request-id: XKEXCB4VYZJHZ400
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: spHxfS+xjI/RuRTfIf6TRC8NW+MCNkSQynbgX/dMWPcz0bdwjwj3crUIvaci7urT+urm+4ai1oM=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Wed, 08 Nov 2023 15:34:46 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 561F 7 KB
4 KB 15ms
14ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 67717
x-amz-request-id: D0CSWSRAZHK65K87
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: DR1OSdVFQ/XUVTI3EeZcU32TpuhlRvrMF0Y0rzXfOTpFFntzhyYOebPcDhfcRWW8sLODNuoO+mM=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Wed, 08 Nov 2023 15:34:46 GMT

GET
H2

200

B29257362.357505518;dc_pre=CLKD_a6bsoIDFWSQ_QcdFLQMSw;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1699371286312
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 561F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16993712...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CLKD_a6bsoIDFWSQ_QcdFLQMSw;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_chil...

42 B
119 B

36ms
35ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CLKD_a6bsoIDFWSQ_QcdFLQMSw;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1699371286312

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CLKD_a6bsoIDFWSQ_QcdFLQMSw;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1699371286312
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 561F 34 KB
34 KB 29ms
15ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (frb/6760)
age: 253
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 561F 632 B
506 B 9ms
9ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 67747
x-amz-request-id: XKEXCB4VYZJHZ400
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: spHxfS+xjI/RuRTfIf6TRC8NW+MCNkSQynbgX/dMWPcz0bdwjwj3crUIvaci7urT+urm+4ai1oM=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Wed, 08 Nov 2023 15:34:46 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 561F 34 KB
34 KB 8ms
7ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (frb/6760)
age: 253
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame 561F 34 KB
34 KB 7ms
7ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (frb/67AA)
age: 215
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 561F 286 B
457 B 8ms
8ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 67726
x-amz-request-id: GBA5R7HZ259ABTRP
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: MeJAdQd1ef/OmuQaWox/Jn38m5Ae3PBCndM5bCGXWvl2ZlwoH0C9Nf/5JflX7Y41vKT1kZ11bDQ=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Wed, 08 Nov 2023 15:34:46 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 561F 36 KB
36 KB 11ms
10ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (frb/67C1)
age: 271
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 HelveticaNowText-Bold.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 561F 34 KB
34 KB 8ms
7ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Bold.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 8f2e0ab27b9cc767a52fe96052e61ec81db235a7d074a34a44ffe8634bf939c5

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (frb/67A8)
age: 237
etag: "631b6705-8678"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34424
expires: Tue, 07 Nov 2023 15:44:46 GMT

GET
H2 200 990179674_uc
cdn.revjet.com/s3/csp/catalogs/prod/111523634/ Frame 561F 383 KB
384 KB 17ms
16ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/catalogs/prod/111523634/990179674_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 311db56c54618f8a7dc5ea65db90908df42b392119ce4a85ae176de58d468be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:34:46 GMT
x-amz-version-id: AlUoCp63rzmSi1AmHe.xXeW_eGknmlFS
age: 68459
x-amz-request-id: VBPNASTCTW0BGKEB
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 392395
x-amz-id-2: U8AmTMmsL8UEH+2B3cre53ez8NMfITXqHmZURwqDVjNy8e+PazvjJRL+WvSNAa04VOILoszouew=
last-modified: Fri, 22 Sep 2023 10:11:14 GMT
server: ECS (frb/6711)
etag: "221a3253ad6cb1e26beafc8c5ad613bd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Wed, 08 Nov 2023 15:34:46 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 561F 43 B
170 B 43ms
42ms Image
image/gif 95.217.105.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=b79e6a1425f521343652a713e3fba940&__adt=8240603765886436541&__ade=1&vid=5092717973276983068&__clstampdif=168&__stamp=1699371286551
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.105.250 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.105.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 15:34:46 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9232 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1l5-823ZoyD0rAI_Ej0olv2FrIpn9UJS_w56_bn_sXm1pw_Opp4Hq9MpMxBWgEyp_-7_ku5VRelo2D7rzAN4lFZYC9c-tpgDdccwCYs9EVkRF-2ABC6kt0DmBqW_jBX80GuoZPWGL9XMb&sai=AMfl-YRXIk51DgENHWi0mMoPTu3JtkOZTOiA0x6bKLChSh_BzAUcjp7dD0bBgo41yBYLkoLKesaQg9B98Ogtj5_p3q1ph0phKuWYDwJDb-sqN5bNpRNKNqsilGv1c3atNcert_Y4uXuk4HdoTK6xip8_1w&sig=Cg0ArKJSzEdjdNO14uWhEAE&cid=CAQSTwDICaaNmjEoffmPaRBR4DqwohGOlq6HlYB1B8VfF5GpbTfjMV_wiLJ8y7OWteprUaw_Wjk6ucg0u_38k3PjtYSqSMVIVZbDYBfI4Wv-bGAYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=479,949,1000,1000,1000&tos=479,470,51,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699371285555&rpt=370&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame 561F 43 B
170 B 41ms
41ms Image
image/gif 95.217.105.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=b79e6a1425f521343652a713e3fba940&vid=5092717973276983068&__adt=8240603765886436541&__ade=1&latent=0&vis_type=8&__stamp=1699371287510
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.105.250 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.105.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 15:34:47 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9232 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4693597932785&version=m202309260101&ct=77&x=1&cor=4069074573714215400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0PXVN4THZC&gtm=45je3b60v869492254&_p=1699371284012&gcd=11l1l1l1l1&cid=174434805.1699371284&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1699371284&sct=1&seg=0&dl=https%3A%2F%2Fautobypayment.com%2F&dt=2023%20New%20Car%20Prices%2C%20Deals%2C%20and%20Offers.%20Car%20Loan%20Payments%20with%20%240%20Down.&_s=2&tfd=6786
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PXVN4THZC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 15:34:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://autobypayment.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
autobypayment.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 80fb48d7d0b067125c18dfcfc5a7a440
.autobypayment.com/	1970-01-21 01:38:51	Name: _ga Value: GA1.1.174434805.1699371284
.autobypayment.com/	1970-01-21 01:24:27	Name: __gads Value: ID=55a0276f120064d5:T=1699371284:RT=1699371284:S=ALNI_MZ1X8BGZNjfPqaI9WpkDNSgzhloGQ
.autobypayment.com/	1970-01-21 01:24:27	Name: __gpi Value: UID=00000ccbe521ada6:T=1699371284:RT=1699371284:S=ALNI_Ma0Zi3PTHyhY-Q1irmBl2aLpFKL6w
.doubleclick.net/	1970-01-21 01:24:27	Name: IDE Value: AHWqTUmifQOTn-dBmMhDW0VTrnicpCB-okB2701VCzUnhG7g31bsIrNEAFXr0rd6F0Q
.googleadservices.com/	1970-01-20 18:12:27	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 00:48:27	Name: CMID Value: ZUpZFSt36TtL.hRqFKR0zQAA
.casalemedia.com/	1970-01-20 18:12:27	Name: CMPS Value: 2128
.casalemedia.com/	1970-01-20 18:12:27	Name: CMPRO Value: 2128
.adnxs.com/	1970-01-20 18:12:27	Name: uuid2 Value: 5260793077766807880
.adnxs.com/	1970-01-20 18:12:27	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVQfjcPQ!]tbPl1M>e)ZlrFUfJ+tGXxoT:!UDnG?.b$Mvq6dX7Sx>E=R_]^NE]c1u(zM3If)y3KL9D3I?+RoZFeW
.doubleclick.net/	1970-01-20 20:22:03	Name: APC Value: AfxxVi7xu36k18mzbYH-QucLg0iH_Tw8GslxcJaTfca_vBachUT-_Q
.doubleclick.net/	1970-01-20 16:02:54	Name: DSID Value: NO_DATA
.autobypayment.com/	1970-01-21 01:38:51	Name: _ga_0PXVN4THZC Value: GS1.1.1699371284.1.0.1699371285.59.0.0
.revjet.com/	1970-01-21 01:38:51	Name: trx Value: 5092717973276983068
.revjet.com/	1970-01-20 16:04:17	Name: ads Value: b79e6a1425f521343652a713e3fba940

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.revjet.com
autobypayment.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.revjet.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
databanq-s31.s3.amazonaws.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.revjet.com
region1.analytics.google.com
secure.botw.org
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rsptrack.com
142.250.185.66
142.250.186.162
142.250.186.166
172.64.151.101
185.89.210.101
192.229.233.6
2001:4860:4802:32::36
2606:4700:10::ac43:1be9
2606:4700:3036::6815:1b98
2606:4700:3108::ac42:286e
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::9c
2a04:4e42:200::649
3.16.84.226
52.217.132.129
65.109.98.107
95.217.105.250
0360329453f6054fc2b40563345db72b3db72695fc594f0a3db6884891b65b3c
0465fc972d0399745d890a45dd263bb66ff407fa7f29fc1f469dee1753dbfd0b
053e5953624fc013a583490b9ced4cf2b377e4627be5f259fe0d9bcaf5334c7e
08e3433a89abf2b065de00284e62b967f27566784463e953916d28422aa4a5e4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62
0e34f05f1a9012b9f5f26aaad7ba34876808d0dcd88edb4b805eb484cabbe73e
115bc05a35999e3681dc74b2c0a899264f61afb256ce711521f8c9444bd628d6
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17c1b592186383b442dd5ed15ced661820f27560d285cf8b52f0d73d5bd9a89e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1bbd14af932dfbfd3adce4c0d0ce7316283903406466d85ac4076d33c5ed63a6
2059244da52a08f51c4d78ad356f096ba87a8b073c61eef5ce99417a20ebf0d7
21da843ca7f2dc645c1b9b7eb277aa017735c8eebbd7ac1b5480d887a9cf7e4b
28c79403f40a10357eabec766f1e12f891785ad362a809d0761db6d6dc9b695a
2b0943a10706fddc821e35439a5c4a0c7ed1bee1c4fbd226dedfc5646821d149
2b56940e38fe6e1009a22f228e3f45338f81dc01681a1688eb7bffbd6afe23f8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d9f5ca4557a48b7b5d671eef2f2880658245985c1b7ea549a0096a2bf5db4ba
311db56c54618f8a7dc5ea65db90908df42b392119ce4a85ae176de58d468be2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3be94bef7bd8ec05adc21bf1c7c2a9b6037c269e1fe83ccc1f14337e8c479448
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
3e40b891a79ad4a254e7d2bf435e92f84ec8636311e60df42dee9fa3ae8cbcfe
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42a786bf1b9f79afb601db7bd3567eb64ddb5633f44200cff159fb47e6b45d26
42f2b1c77879c006b50e231b9e46b218acfb5b2464469f65ff61cafd3bd92d61
4342920873fecf1f150506595bff096cd9da74cc85cec0155d921743369108f5
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46dd59e48765d73b107d55a115a0caad65523094bc7454686b9feab1ed794cbf
47d853a2632b6cb14f6eb40de17b940973c45fa01a5639f1eee691a10c28cc5c
4a56bb649c71c0fa5a68333c25a477ceabdb4bfcc6310a89f7bb198ef078ff7b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dee2e5aa10555026f205dabff8ca2785b77646b0b744bd633a4dec2cd10bb35
5035149445b75003e2a807779b27cc58c922b5f621c097d705c6d6ed753c2594
50b34c766b13b52b7f71e55ff81603016b6284c3443d1355a106de956de82afe
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59abaa670d52da9b161071754a5267a9a6942cdcf7f3886667b060247609d0ee
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c
5d5aea4099bde12c0ce5da7fce96bf2033a02a57c218f2f3d49f44c96f886b7a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65fde1645c05c61b90f67ec7fce65bb734778128400edf0c1902402967b116f5
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d329fe8ac58723b7c6fb483c2bce839a9bc5d2809e6615f5e6fa15a1b1509f5
6eef1b8d50b7fc23be6ce4efde6b1e1f72b652c2de325f6a1d04b07834579c68
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
71ee6ee0a38c0185b3cd8fe7aab17e088a95c6d11c52691a5393455bb8426843
72393af04a8e05d7068bc55119dc75904550737044a317b3c5e93d61dc58f72c
7326b878f0ae19f2db0a0ce7da4a80cce16149da19a6665bcd1b059da6cc933d
749171d8d5a02da3fa3a9f8527d166b42b089551539ca116ab571264c4e6d000
759d98cf1d61c19a6a5ded8a4e97755d72a8f24ad9cf0879b5f6a712e77f55ba
79569bbf98e046743427673c2f59a9649ee833f2a9089b2e6497d435b5fe1b09
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
802db1cafbec94ca8095a56aa252945692761fde8d902c8bbc463a553a975579
836c031b3c77e7ef012f80443145eaf2945f585fd9ac4e2c78571ef27da00670
85eb053c0729d176bae44be135b57ea65ba13a8cf810c453b2b0a929ec6c21f6
86d02d87775e41f19f6dc9d450f0eb666e52b9550aa4c76c2d8a087cb70c1f39
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
87cb3f981317ccf5ad632f64e531aa7da8d49571127cfa1f142483a085f89d82
8a033a2c80bc18f242ce4e27d2ca1896db22d80687b248f8c6a9d3f2e49190a4
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8b34357bc23297846f7a97fccb2353befbbca3dcaaa0a03a89dea4b12e4cf64d
8cf9f874c540eee2a9ba19642daa465f1fa31433931c24fb221e404b1fc35c8f
8f2e0ab27b9cc767a52fe96052e61ec81db235a7d074a34a44ffe8634bf939c5
9175f983a3f9219382d10bea578d2dfb550d35e086c6bc892146a0345abe5138
9193e16e5777bb4406906cf09824528369b0f36d509e4b640750804a090a8674
951c0dd845469faa14e0e741a267cbc46e0fc355e46cbbece1e562feee6f3b16
963e263e56326890a164f2f51e9c9a0294931b292b9693a3cb1647c0002358ca
99d36bd6be3a36cf625b7a4cab8bc75059cfb55cd9fd4ca16e301f5b6817dd0a
9f6db5b49fef9ff85b3f82028b27f8a47284bc2d1bfed64e5e057978bacac87d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3cd831e5105978fa78fa55bb194b31d5dfdd6d02d2cb4c9ff857ba21b3a06a0
a8e2a972fa09bbcdf697bdab492aada2c89604c074595eefd95b76bf9cae3d1f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b9acfef0c9f042ef8689a12d381f155fd10eabadf96a8b9510eeb3176d7780f9
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c09a053a55dd7c85b353eafd9ff13e1f54d40cfee70a81e74492db2a77b8fb9b
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c6bf7902399cf0fd6c2a4e1677e6f4902b81db6af17a112803dcd5642a1dd69a
c99237462fbf5c1360bfabfacef0455d88e792841a42654df2e7b1eacc60c761
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04b7032a1624d09fe101d725d1692c8f12483e970ca2b35bbc3af06200f5001
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9578575e40113689cad208384fc82d016be8e4d103564691b7603ebc1288d6d
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dcee3b1cfa6cdc64b7a93ee2ac55a850bde489fedeb5c2e7ea655359c69ca86b
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e2d90ec3418d19aa3b77e76054eb71b0fd006122c432bff404a326638e618c64
e36836bf548d85af7645b69ee932a5be8251516678b801f27014124d44fcd227
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbb7cd5c5359d07e96e7e5795caf2916a4a6be3dff2f9c8d6eb2e78f2593552
f3fa060f6f16ad6d13161c8bfaf3a4b0e37161164c8140bf128ba7c0c73fb9b6
f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

autobypayment.com Open in urlscan Pro 2606:4700:3108::ac42:286e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

95 %HTTPS

68 %IPv6

22 Domains

31 Subdomains

32 IPs

4 Countries

3685 kBTransfer

7319 kBSize

16 Cookies

2 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

autobypayment.com Open in urlscan Pro
2606:4700:3108::ac42:286e Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

95 %
HTTPS

68 %
IPv6

22
Domains

31
Subdomains

32
IPs

4
Countries

3685 kB
Transfer

7319 kB
Size

16
Cookies

170 HTTP transactions
6 data transactions