tw.begin-it.com Open in urlscan Pro
2606:4700:3035::ac43:a0e5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tw.begin-it.com/
Submission: On October 11 via manual (October 11th 2021, 6:58:35 pm UTC) from PH — Scanned from DE

Summary HTTP 219 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 21 domains to perform 219 HTTP transactions. The main IP is 2606:4700:3035::ac43:a0e5, located in United States and belongs to CLOUDFLARENET, US. The main domain is tw.begin-it.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time tw.begin-it.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
59	2606:4700:303... 2606:4700:3035::ac43:a0e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	104.248.83.85 104.248.83.85	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
5	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
23	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5 16	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
14	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
29	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
219	24

59 2606:4700:3035::ac43:a0e5 (United States)

ASN13335 (CLOUDFLARENET, US)

tw.begin-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.begin-it.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.83.85 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

gomajor1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	begin-it.com tw.begin-it.com www.begin-it.com	3 MB
43	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	575 KB
26	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	363 KB
23	google.com 4 redirects fundingchoicesmessages.google.com adservice.google.com www.google.com	90 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	181 KB
8	yandex.com 2 redirects mc.yandex.com	2 KB
8	yandex.ru 3 redirects mc.yandex.ru	67 KB
5	googletagservices.com www.googletagservices.com	176 KB
5	zx-adnet.com cdn.zx-adnet.com	123 KB
3	google.de adservice.google.de	1 KB
3	googleapis.com fonts.googleapis.com	3 KB
3	wpadmngr.com js.wpadmngr.com	26 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	84 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	onetrust.com geolocation.onetrust.com	387 B
1	googleadservices.com partner.googleadservices.com	660 B
1	nawpush.com na.nawpush.com	374 B
1	jquery.com code.jquery.com	29 KB
1	gomajor1.com gomajor1.com	15 KB
219	21

	Domain	Requested by
57	www.begin-it.com	tw.begin-it.com www.begin-it.com
29	tpc.googlesyndication.com	googleads.g.doubleclick.net tw.begin-it.com tpc.googlesyndication.com pagead2.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net tw.begin-it.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	tw.begin-it.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	mc.yandex.com	2 redirects tw.begin-it.com mc.yandex.ru
8	mc.yandex.ru	3 redirects tw.begin-it.com
6	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	googleads.g.doubleclick.net cdn.zx-adnet.com
5	cdn.zx-adnet.com	tw.begin-it.com cdn.zx-adnet.com
3	securepubads.g.doubleclick.net	cdn.zx-adnet.com securepubads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	fonts.googleapis.com	tw.begin-it.com googleads.g.doubleclick.net
3	js.wpadmngr.com	tw.begin-it.com js.wpadmngr.com
2	counter.yadro.ru	1 redirects tw.begin-it.com
2	maxcdn.bootstrapcdn.com	tw.begin-it.com maxcdn.bootstrapcdn.com
2	cdn.jsdelivr.net	tw.begin-it.com
2	tw.begin-it.com	tw.begin-it.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	js.wpushsdk.com	js.wpadmngr.com
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	na.nawpush.com	js.wpadmngr.com
1	code.jquery.com	tw.begin-it.com
1	gomajor1.com	tw.begin-it.com
219	28

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.begin-it.com
lt.begin-it.com
pt.begin-it.com
hu.begin-it.com
it.begin-it.com
fi.begin-it.com
et.begin-it.com
hr.begin-it.com
ru.begin-it.com
id.begin-it.com
lv.begin-it.com
sk.begin-it.com
bg.begin-it.com
hi.begin-it.com
fr.begin-it.com
uk.begin-it.com
vi.begin-it.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
js.wpadmngr.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
gomajor1.com R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
admin.musepresent.com GTS CA 1D4	`2021-09-14` - `2021-12-13`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
na.nawpush.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
js.wpushsdk.com R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 23 frames:

Primary Page: https://tw.begin-it.com/
Frame ID: 3A82865F30A899AAFCD6F4BAB0929FB5
Requests: 146 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/zrt_lookup.html
Frame ID: F9078A421C8C5B2E0B916EA5778D9805
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&adk=1812271804&adf=3025194257&lmt=1633978709&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftw.begin-it.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=5&bdt=180&idt=644&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=274831934367&frm=20&pv=2&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=870
Frame ID: 890002D2A99D2592911BF109968EED83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881
Frame ID: 6436AB81D20149378C1AEF0E35998407
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3795518542&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=2&bdt=180&idt=755&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=32896&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ub9lKaTOQ5&p=https%3A//tw.begin-it.com&dtd=889
Frame ID: 53C333889C75F7E568AF697B0D582C29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897
Frame ID: 0EA34882566C934BBEFE6C3320CFB1CF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=1680940124&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=806&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=32896&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ROaJaOcnF6&p=https%3A//tw.begin-it.com&dtd=905
Frame ID: 70FA4ECD25D7C41A4543B8402D4AF1D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=797817564&adf=2901889522&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708224&bpp=1&bdt=183&idt=1052&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=JNe6LkHUIq&p=https%3A//tw.begin-it.com&dtd=1057
Frame ID: 127C5D4DA3D8A11264E145747827FE59
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=369495476&adf=4123335434&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708226&bpp=1&bdt=185&idt=1074&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=9&uci=a!9&fsb=1&xpc=51MoNSf8OI&p=https%3A//tw.begin-it.com&dtd=1081
Frame ID: ACD4C32243B27C40DEB840C6ACEC55C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104
Frame ID: C279FEFE6D39C146D2D9CF428B533586
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=154809259&adf=2551053022&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708228&bpp=1&bdt=187&idt=1115&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=11&uci=a!b&fsb=1&xpc=bri2EcAEok&p=https%3A//tw.begin-it.com&dtd=1120
Frame ID: BCBCD4D353B73E1F4B56E6292459B7A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=2417121200&adf=2317390253&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708230&bpp=1&bdt=189&idt=1163&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=13&uci=a!d&fsb=1&xpc=bz9Ryw493F&p=https%3A//tw.begin-it.com&dtd=1178
Frame ID: F0D86958FF4D8FF890F031B149B10F7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F0FD3B1224484DBB95DFAD643A6C65F2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C3E8ABB799752F7E0C12E9DE9B5AB366
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Frame ID: DBCF1AFFBC1721CF391532A1C124B8A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html
Frame ID: 490303F1829EEA6C3685E1FEE5172109
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CakB5VYlkYYmuFZbQgQfwhbKgC72kuo1ew_3ghIUOzpiXza4ZEAEg0dTAbWCVuqyCtAegAf_4wZgDyAEJqQIRQQ5DvWqzPqgDAcgDSKoE5gFP0IoyIbzzFbpFrYNEzu-DviQmuhp5SE8xxnp8U_aUdiUGcgsUeKHEdp9v5Y_Xuny2suZW9tSgNRmbKiXHAxWo-GB42Fs2k_93kVCB_7iyOD-KYKrObEZDrz8a14P-apkKMJ1Wl6sRc-XyRDPTxOCJQjwT5vMue4RBd8SwP3ISWvG2iuPbfV2ZWBkWD3Cczy-PLrPX9YQYcSFrijv4u6G30qHOAiP-tpb5liKgzbZ1O6sqDsGOnd1tK1QC-2EhCaUnomo97_zQYr98DmPcEOwx4IhGFTSH2GqoaBaho_sP4hsJSrWFycAE3ZTyv5YBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-mGvmeoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEM-jEdIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDA4ODY3OTgwMDQ0NDkwGAA&sigh=SWCZwrXpvLg&template_id=419
Frame ID: E154F30BB43D88E900F3E41FFE36FDDA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 075304033EDBC2CA204BAF951C9598C3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 76A8EEFA51B3810BD0490DADF5836722
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Frame ID: 6BF0E790836CB32AA1D2B3F18328157E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Frame ID: 650DF8659E852F9392429A0D3059B9CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BB59D538437FE7DA73A240BB8C60F73C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A714F1F14B103739BC9AFECC8DFF607
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Begin-it | 2021

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

219
Requests

92 %
HTTPS

74 %
IPv6

21
Domains

28
Subdomains

24
IPs

4
Countries

4675 kB
Transfer

9792 kB
Size

26
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.begin-it.com/

Search URL Search Domain Scan URL

URL: https://lt.begin-it.com/

Search URL Search Domain Scan URL

URL: https://pt.begin-it.com/

Search URL Search Domain Scan URL

URL: https://hu.begin-it.com/

Search URL Search Domain Scan URL

URL: https://it.begin-it.com/

Search URL Search Domain Scan URL

URL: https://fi.begin-it.com/

Search URL Search Domain Scan URL

URL: https://et.begin-it.com/

Search URL Search Domain Scan URL

URL: https://hr.begin-it.com/

Search URL Search Domain Scan URL

URL: https://ru.begin-it.com/

Search URL Search Domain Scan URL

URL: https://id.begin-it.com/

Search URL Search Domain Scan URL

URL: https://lv.begin-it.com/

Search URL Search Domain Scan URL

URL: https://sk.begin-it.com/

Search URL Search Domain Scan URL

URL: https://bg.begin-it.com/

Search URL Search Domain Scan URL

URL: https://hi.begin-it.com/

Search URL Search Domain Scan URL

URL: https://fr.begin-it.com/

Search URL Search Domain Scan URL

URL: https://uk.begin-it.com/

Search URL Search Domain Scan URL

URL: https://vi.begin-it.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tw.begin-it.com/;0.44495078158928125 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tw.begin-it.com/;0.44495078158928125

Request Chain 95

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9423.NzlobYtN_QTfL2tiaWdH8jPLVtznCgL9eBD0kikkNaYUBS0LpWSnsEd6hAsCEftJ.VQaa1fbSPXjfW7uwBHTSsjG5qGo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9423.5G6qnqNNu6M_ZwruKCG8Hc87ijHuafB0j5AMCxRJIpDxcGROjQVaduq5yf_Bz0iupyc4Jn6NQRmxLJN4X2mzRA%2C%2C._hiskVdrPt4GswDMlizA2Timd_8%2C

Request Chain 114

https://mc.yandex.com/watch/68313514?wmode=7&page-url=https%3A%2F%2Ftw.begin-it.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A156%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A490068285940%3Ahid%3A21927261%3Az%3A0%3Ai%3A202101011185828%3Aet%3A1633978709%3Ac%3A1%3Arn%3A402286219%3Arqn%3A1%3Au%3A16339787091000912197%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633978707936%3Ads%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C743%2C63%2C%2C%2C%2C848%3Adsn%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C737%2C63%2C%2C%2C%2C848%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633978709%3At%3ABegin-it%20%7C%202021 HTTP 302
https://mc.yandex.com/watch/68313514/1?wmode=7&page-url=https%3A%2F%2Ftw.begin-it.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A156%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A490068285940%3Ahid%3A21927261%3Az%3A0%3Ai%3A202101011185828%3Aet%3A1633978709%3Ac%3A1%3Arn%3A402286219%3Arqn%3A1%3Au%3A16339787091000912197%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633978707936%3Ads%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C743%2C63%2C%2C%2C%2C848%3Adsn%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C737%2C63%2C%2C%2C%2C848%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633978709%3At%3ABegin-it%20%7C%202021

Request Chain 153

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tw.begin-it.com%22:{%22https://tw.begin-it.com/%22:%22%22}}}&r=0.744301746025738 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.744301746025738

Request Chain 155

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tw.begin-it.com%22:{%22https://tw.begin-it.com/%22:%22%22}}}&r=0.07376573944414777 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.07376573944414777

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 190

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 200

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 202

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

219 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tw.begin-it.com/ 75 KB
17 KB 101ms
74ms Document
text/html 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f125ccfff94cc5d69d464699ec7324cbb8961735279c35a96adb87d71f21a6f

Request headers

:method: GET
:authority: tw.begin-it.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Tue, 12 Oct 2021 18:58:28 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUyPordjKZNSPLvI2LYfCuWPhRYsVG%2BdvjB49kKnYPNqfJEdqfwxQ5c1hvyfK2VHlQQ9pdK4hzo6QHWSeK8GEOM3vxHW1WyVc5PMnykNssWPPAEr0yqPk%2FLdhK0mCpTPtJPFClY33eycayfyUY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69ca51ecc8d75c9e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 65ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df25a89baab0bfb1e5b93eaf49ca951ab0ff0dc5bdd63357250b5706b99db798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51374
x-xss-protection: 0
server: cafe
etag: 7667996485004739214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:58:28 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
1 KB 45ms
26ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1217
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 69ca51ed8bac694b-FRA

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 35ms
16ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1217
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19183-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 69ca51ed8bb1694b-FRA

GET
H2 200 nch-wavepad-audio-editor-lets-you-edit-audio-files-like-a-pro-4.png
www.begin-it.com/media-content/downloads/ 64 KB
0 170ms
158ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/downloads/nch-wavepad-audio-editor-lets-you-edit-audio-files-like-a-pro-4.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 240752
last-modified: Sat, 01 Dec 2018 10:15:30 GMT
server: cloudflare
etag: "3ac70-57bf33204d480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emBsQ%2BxqkC6wEpuYJ8SgwVqn7uh44koTWKbu6irwe6IlKvsR4ghz4ab68HB2KL82Qq8OSiICZHBJ0xDRkYXedSTfTqK6p5XsstEmfp%2Bes3Yq0CL7MJG1bY0CrMkjMXJcIAtJ2BcafYJDJ7wgH04A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ed8aea5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 mp3-toolkit-free-powerful-audio-editing-software-for-windows-8.png
www.begin-it.com/media-content/downloads/ 64 KB
0 198ms
186ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/downloads/mp3-toolkit-free-powerful-audio-editing-software-for-windows-8.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 245416
last-modified: Sat, 01 Dec 2018 10:15:58 GMT
server: cloudflare
etag: "3bea8-57bf333b01380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtSNvJUb%2FCnojJEg%2BkyVudjc7zZJdu3nHMFdTyLPVv84W0wUVu9lIkeOix9BDm2qzL3m760pQPEwEdAsbL3oyA3cH9wOQLduSPZpeoovXpErhInVBsJLa8JvLFZWGCi9zEZenM2CryCO7SkEw9Hn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ed8aec5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 edit-mp3-audio-with-mp3directcut-for-windows-pc-1.png
www.begin-it.com/media-content/downloads/ 192 KB
0 115ms
103ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/downloads/edit-mp3-audio-with-mp3directcut-for-windows-pc-1.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 254459
last-modified: Sat, 01 Dec 2018 12:51:41 GMT
server: cloudflare
etag: "3e1fb-57bf56092f140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0iRGzp%2FKSR03NdUX%2BLz1oR8RBXvTM0C1TCsPMiTNAroZFsJAYBSjBD6qwg2n%2FWcIATK7lsCStSQ3D4UrsKnht3JCSWpLYKmE2E4%2BPfchB8TuXK6d1qwnjCCD6mbp9UNYO0eNTBIWGXUXGWE7Z%2Fg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ed8af55c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-make-calls-and-texts-from-your-smartphone-without-cell-service-1.jpg
www.begin-it.com/media-content/blog/ 34 KB
34 KB 60ms
48ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-make-calls-and-texts-from-your-smartphone-without-cell-service-1.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad444bdb5b9f03052e01ee1d2348be6a0d920a7960bfba2d1489a1b8b5f3d55d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34630
last-modified: Sat, 01 Dec 2018 11:31:34 GMT
server: cloudflare
etag: "8746-57bf4420df180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGbY01%2B5ahont8nFDeY9nfDoxM2x%2F27P0PT6PI6OHmSZRomzkHz4PbtGEqb4o1Md%2FT88lCwLGYhLH4SZxHDyLkg%2BLxTZZSIAlVYeDBP2PNftHbmPm8b6P3ODLP9VAZESba3ggoXUA1nTFlRqZDZx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ed8af25c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 what-is-spear-phishing-and-how-does-it-take-down-big-corporations-1.jpg
www.begin-it.com/media-content/blog/ 43 KB
44 KB 73ms
62ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/what-is-spear-phishing-and-how-does-it-take-down-big-corporations-1.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9105b388f156d3c6d676cf059d53eecd4c64eda0ea0cb3742d8b2ff370c121ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44460
last-modified: Sat, 01 Dec 2018 09:27:11 GMT
server: cloudflare
etag: "adac-57bf2853999c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj3AJ8z%2F3yP4iWr8R2DNFYf5TXWj6QHPV8e0rV5rklEd6CNRhHLRaIRuLoNLisoIH1iKaji1IyJXGNkmRq2vyjBK3g6rcaU9KKumvtorDe5%2B6yWd%2BsZ0PPHL4C4tTMPkZhJnDpMDyhs01I%2BdvrIb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ed8af15c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 new-features-in-cortana-on-windows-10-v1703-1.jpg
www.begin-it.com/media-content/windows/ 41 KB
41 KB 50ms
38ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/new-features-in-cortana-on-windows-10-v1703-1.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86449833531295a48a40183ae611c98dc38cd0dbbd3426f3c8923865b2495c35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41501
last-modified: Sat, 01 Dec 2018 10:15:11 GMT
server: cloudflare
etag: "a21d-57bf330e2e9c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yhWPm%2B7S%2BNbb8vLBZaXTJ82hM1OQWWtMH%2F58UA82o2OUAgP4vX7XN4KWRkCc8EIveNTEKoYuqFHMOidX%2BVunRLGALqRwxXxHa2S8xqWcMswnJHZZaVouk7hqWRrkagE94zOxJnIxVNtpS0tSa3X"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ed8aef5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET how-to-browse-and-connect-to-wireless-networks-from-the-command-line-4.png
www.begin-it.com/media-content/blog/ 0
0

GET how-to-make-high-resolution-windows-7-icons-out-of-any-image-15.png
www.begin-it.com/media-content/blog/ 0
0

GET
H2 200 7-1.png
www.begin-it.com/media-content/security/discussion-best-free-antivirus-for-windows-10/8/ 64 KB
0 189ms
183ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/security/discussion-best-free-antivirus-for-windows-10/8/7-1.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 369878
last-modified: Sat, 01 Dec 2018 13:27:35 GMT
server: cloudflare
etag: "5a4d6-57bf5e0f65fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gRa0t%2BayBMoVbh0IxZXHvzMrrGV7gktxwzHyqigcAElKxomCh6xSeG2NmH582bCBQC4P5RmkiQzLqCLOLY02uTp5QfhCRutwmwG3nUr%2BG8K%2FOxCK0bYWjHIYC%2FKVIQltiWTQz%2Fk4%2F5GB5uECiNy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec115c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 the-creation-of-a-shadow-copy-has-timed-out-1.png
www.begin-it.com/media-content/windows/ 64 KB
0 184ms
177ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/the-creation-of-a-shadow-copy-has-timed-out-1.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 142667
last-modified: Sat, 01 Dec 2018 09:46:12 GMT
server: cloudflare
etag: "22d4b-57bf2c93be100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRzSSoakvTQ83yi7n%2Bzwds%2Bl%2FWpm15hPeS2EX6BZSO3%2F0%2B9JQ1WC4boCip8zXDfeC88aqywZvjdBBGHXzBw6GDG9N%2F4E3%2BgAsMIgFGejKVDo0MeSurb7x43b%2FHlHBz9j%2FXp3Ud6aLGJ88L%2BxsATo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec125c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 reinstall-office-2013-after-an-office-2016-upgrade-6.png
www.begin-it.com/media-content/office/ 64 KB
0 199ms
192ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/office/reinstall-office-2013-after-an-office-2016-upgrade-6.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74198
last-modified: Sat, 01 Dec 2018 10:07:08 GMT
server: cloudflare
etag: "121d6-57bf31418eb00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjO9sSDaH%2FcgeKVikbcOM41BGWVys%2FS0MGThL%2F1YJcjeyYlfBBg08MsTiURaTnnVz1WCImSPlWr4N6uddived1yLELkmJKdoLCjWS8mlE3fQAM7p%2BlH6%2F858usgRfhvKem3yn2bIgBTkJSyEludz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec135c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-reorganize-the-all-programs-section-on-the-windows-7-start-menu-4.png
www.begin-it.com/media-content/blog/ 192 KB
0 48ms
41ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-reorganize-the-all-programs-section-on-the-windows-7-start-menu-4.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 274555
last-modified: Sat, 01 Dec 2018 11:11:23 GMT
server: cloudflare
etag: "4307b-57bf3f9df8cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDm9z8a5czGs%2BFFWsXzHs9y5052zsQ6xVuYjXDcw1f8uBp2Wx2dmI4AB9HVhY6NfVRZnS1CKexyjhi9xDJdJ6wSvqgUsIpiXyFdxOHVkEYAvenqrRF86%2Fmm6HBQUY3UzLDiHV650rBbtiWDJtmUU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec145c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-supercharge-your-sabnzbd-experience-with-tweaks-add-ons-and-mobile-apps-7.jpg
www.begin-it.com/media-content/blog/ 30 KB
31 KB 208ms
202ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-supercharge-your-sabnzbd-experience-with-tweaks-add-ons-and-mobile-apps-7.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cfb27a8a441008ce554d6439aea7c90a7a92deebfbb5df3f568b5009ed196e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31141
last-modified: Sat, 01 Dec 2018 10:52:36 GMT
server: cloudflare
etag: "79a5-57bf3b6b2e500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHiT1HXrwNMhPF2FRJZxB9O%2BqI19NV0K9C31827A0rQC8jKF4md2wqFD8%2FfKy3eAtISAidpFxIIRAJAdxJWHmwIxfIi8BSEYh0rT%2FG4MXWZpj7OJjS1WSxj3Wcoxpu1wMhb9NuYzgJcOfOL81Yu0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec165c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-enable-application-guard-for-microsoft-edge-in-windows-10.png
www.begin-it.com/media-content/files/ 64 KB
0 214ms
208ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/files/how-to-enable-application-guard-for-microsoft-edge-in-windows-10.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 82493
last-modified: Mon, 03 Dec 2018 09:36:56 GMT
server: cloudflare
etag: "1423d-57c1ae3cbfa79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYDgZPuJUZOCEKb9Vf1Ja4axRS7Kyv6ZdzsArikrhyVcK61d%2FCqoJdxesIEPQZQLH2CtU6GFl3aUAKXY4MTIzs9RFMJeXRMfgP4t%2FSG%2FU49jabA932CuTeKzw3jGL0eGpRTcuUqHSvScmxV4yYQC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec175c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 easily-control-computer-volume-with-a-wheel-mouse-4.png
www.begin-it.com/media-content/blog/ 256 KB
0 38ms
32ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/easily-control-computer-volume-with-a-wheel-mouse-4.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20273
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 367437
last-modified: Sat, 01 Dec 2018 12:52:21 GMT
server: cloudflare
etag: "59b4d-57bf562f54b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbAa1SOlsLCg%2FjIaCDuc%2BHGfGe1UcfyoJWS4vYWeHB2Tp5lILqDJ5yNlEdYd48%2BvJHaT%2FxSnSxzRvcCSZNgXfwvJdgSvqr%2BKMSAXseRzktE1bnMCn%2Bv4sk8yo30wCn2mkmDP7ygnkxsOTHhzK2ZT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec195c9e-FRA
expires: Tue, 11 Oct 2022 13:20:35 GMT

GET
H2 200 use-parental-controls-to-limit-time-kids-spend-on-the-computer-4.png
www.begin-it.com/media-content/blog/ 64 KB
0 178ms
172ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/use-parental-controls-to-limit-time-kids-spend-on-the-computer-4.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75374
last-modified: Sat, 01 Dec 2018 09:37:09 GMT
server: cloudflare
etag: "1266e-57bf2a8de5b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev7T9o6Bwi9TUkSgWnPJsZkmntDgRfIHtVDUjpBgF%2BlCGCee%2BD6PYPKrqfWvLy4%2Fe4Xt99zcuZEWn03LSPhV6Xw4iXCn9Gl7zBb7MHkzZIczF2I0RV5zOsDrUjB8ZTWMXUtJp%2FYEWRswxheDc3b%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec1a5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 make-windows-10-show-touch-keyboard-automatically.jpg
www.begin-it.com/media-content/windows/ 38 KB
38 KB 184ms
178ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/make-windows-10-show-touch-keyboard-automatically.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025c223a1670bffe245e43df6b0e1db1e1cda28defe71580b56d69216701e112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38578
last-modified: Sat, 01 Dec 2018 10:20:46 GMT
server: cloudflare
etag: "96b2-57bf344da9b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpc%2Fbtz%2FDCCj7cT8QjCcXgcjSmz1ewo%2B5UAuPfvphSLlCGWlOC1fGTbD9D7Qc7OfMN0P596D4LMn5mrN36otKR5X1PXbenfUv%2BM7O0WzZsQk%2F54ojo0%2BGcC7ZjCeZrOYF6YEHM4xxcY3u%2FU6deih"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec1c5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-get-started-with-audible-and-audiobooks-8.png
www.begin-it.com/media-content/blog/ 64 KB
0 176ms
170ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-get-started-with-audible-and-audiobooks-8.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 141369
last-modified: Sat, 01 Dec 2018 11:42:46 GMT
server: cloudflare
etag: "22839-57bf46a1bd980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLO1tcU1JxgsDYHrksVGEiZq3OscCBXFDtrSmc%2BDpZ3UnZsC4XNGjgpxenLfferB8MtnKiH275sk6MpcbKZCwZalhl9WdFVEHEV7vp6xQV1BqIgGdT0eWpVPnmo00A2%2B7lauo%2ByZ5mfetmF27JrJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec1e5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-manage-action-center-in-windows-7-9.png
www.begin-it.com/media-content/blog/ 64 KB
0 195ms
190ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-manage-action-center-in-windows-7-9.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 439762
last-modified: Sat, 01 Dec 2018 11:27:40 GMT
server: cloudflare
etag: "6b5d2-57bf4341b6300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn44yQ7CAZgEHuu2lSt7sY%2FBrlWXSOq7mTcjjpqUAbg1X7zDpWO0xzyIWp3LaU%2BWuLETtHjXcLyG5LAPf8CoqI9lbTdAXmuo9a4ujncRHt36OZX5wy5jP8UravT3UcQgj6g66aJoxz3MIO8zBeOW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec215c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 great-sounding-music-and-skin-possibilities-with-xion-10.png
www.begin-it.com/media-content/blog/ 64 KB
0 180ms
174ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/great-sounding-music-and-skin-possibilities-with-xion-10.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 257737
last-modified: Sat, 01 Dec 2018 12:38:05 GMT
server: cloudflare
etag: "3eec9-57bf52fefc540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTCLtQmMphQgvfUEiIrKHh1Jktv9cYSbnMsrcMiHaOX0tgBpwq%2BOSo71eDFqDn2IZN1ufZzDjCSaVoulwoQRJRd3olFb7Q%2F8IQASe9esP2dCsQ6t5ClOG6UTvwCBmRJoGcD8%2FR7Wzpqh8EYJTJwu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec235c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 find-movies-and-tv-based-on-your-mood-with-jinni-6.png
www.begin-it.com/media-content/blog/ 64 KB
0 210ms
204ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/find-movies-and-tv-based-on-your-mood-with-jinni-6.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 605429
last-modified: Sat, 01 Dec 2018 12:46:54 GMT
server: cloudflare
etag: "93cf5-57bf54f77ab80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uB4e7D8xEK92u%2FIdmse%2FRlKlglqpUu%2B3y2mPtm%2BiR31VhzDQXzHi4WnoKcye80%2FGC5jZcQdei4O3rGGsccb4lKC9y8ZVbEwucBRBz%2BbzTqP74E9K8TtMWhFTVDVQUvGOPjEFxSqMfFBVcuwrx%2BNB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec265c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET import-microsoft-access-data-into-excel-5.png
www.begin-it.com/media-content/blog/ 0
0

GET carry-you-portable-apps-on-a-usb-stick-with-codysafe.jpg
www.begin-it.com/media-content/downloads/ 0
0

GET
H2 200 ribbon-menu-interactive-guide-for-microsoft-outlook-2010-released.png
www.begin-it.com/media-content/office/ 137 KB
137 KB 29ms
23ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/office/ribbon-menu-interactive-guide-for-microsoft-outlook-2010-released.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812afbef25424e99fe63cfc469974e6bf225190c356cd86f086596920a2fb15f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1011
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 139793
last-modified: Sat, 01 Dec 2018 10:04:49 GMT
server: cloudflare
etag: "22211-57bf30bcff240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcTtrXd51BQpcnqXQeFzvzLJaq2p1QTnrfkFM2litlp%2F9MOJeb2PaPhne%2FwV11BRQ7t8gYX8wfcdyIjZdtQhI7k2bRFlvVlwd0uZzQXAAsRLyrIm0EMTy%2BUO66qznWsUe9eXqpvTdUNHHw3zh29h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec2c5c9e-FRA
expires: Tue, 11 Oct 2022 18:41:37 GMT

GET
H2 200 8-reasons-why-windows-8-will-rock.png
www.begin-it.com/media-content/windows/ 64 KB
0 197ms
192ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/8-reasons-why-windows-8-will-rock.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137641
last-modified: Sat, 01 Dec 2018 13:25:17 GMT
server: cloudflare
etag: "219a9-57bf5d8bca940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ql5Uf3gcWTKKX%2BbB%2F8eeUWMBor6b8X8WEXVhZTibmJZZkCvzNiO%2FniH9k%2FL%2FrLDsYrufncaH0sAiMxurgoheBsqd%2BMDfw8cnhJyMRML8JH5IHHB8TqU4fbo9fOsxYfEEKhkjSZXRQ%2FVtGKJRAmj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec2d5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET the-10-best-free-to-play-online-shooters-10.jpg
www.begin-it.com/media-content/blog/ 0
0

GET the-great-suspender-chrome-extension-to-prevent-crashes-6.png
www.begin-it.com/media-content/general/ 0
0

GET
H2 200 windows-7-features-removed-in-windows-8.jpg
www.begin-it.com/media-content/windows/ 11 KB
11 KB 177ms
171ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/windows-7-features-removed-in-windows-8.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119a8560b4df0ebae6f70d4c4c9074712363baf4903b0eafed37a9442d9dfadf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11279
last-modified: Sat, 01 Dec 2018 09:19:06 GMT
server: cloudflare
etag: "2c0f-57bf268511680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YIxHbRokp06g9DBgjq%2F7Af%2BD3VFzAX5kCKdYP8lQnMwhdtTBX%2FXmCjXtA74ej0xrEYLTSzbUMYyN5Kt%2FR9ruNEZga521NKzx88m87e262uVgb0t7HQd9CdAL3zxQtn7qWaxmjJXUSMC3v1x3mIP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec305c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET windows-10-disk-management-not-working-loading-or-responding.png
www.begin-it.com/media-content/windows/ 0
0

GET
H2 200 secure-computing-free-virus-protection-with-avast-home-edition-13.png
www.begin-it.com/media-content/blog/ 64 KB
0 211ms
206ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/secure-computing-free-virus-protection-with-avast-home-edition-13.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 372113
last-modified: Sat, 01 Dec 2018 10:02:04 GMT
server: cloudflare
etag: "5ad91-57bf301fa3f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXn2nD%2BUu0J7Yfy2gmzPC04DggGsed6RO2qtThW2sZ%2BjvjXfiOlV%2FJt3NhWqKtQR6UqkmhkrwXZK6ISs3HEYA8h%2Fs3O4MDLyEU%2FhkT5DxG082PG0VVhOtFiXhnE%2BFXFu5%2FeRBlYGVS13H0ZqbAww"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec345c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-stop-pages-from-breaking-after-the-first-line-of-a-paragraph-in-microsoft-word-5.png
www.begin-it.com/media-content/blog/ 64 KB
0 178ms
173ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-stop-pages-from-breaking-after-the-first-line-of-a-paragraph-in-microsoft-word-5.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 160148
last-modified: Sat, 01 Dec 2018 10:54:09 GMT
server: cloudflare
etag: "27194-57bf3bc3df640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRLTGsWqfeRpmnMYp%2BozUihnir0cpZRZeW3QXbEX6LqYUEGRhBAfGEFzkFSUEmM%2FD2psDevpBq0FTgb9nCWRGw6VIfcFi2uuYAz2w51CnB5uSOeXEqfzrKAnrbcqGxRriFcvd3v2i16FhjmeaQvY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec375c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET remote-desktop-roundup-teamviewer-vs-splashtop-vs.-windows-rdp-5.jpg
www.begin-it.com/media-content/blog/ 0
0

GET how-to-change-the-location-of-the-default-screenshot-folder-in-windows-8-and-10-12.png
www.begin-it.com/media-content/blog/ 0
0

GET how-to-check-if-trim-is-enabled-for-your-ssd-and-enable-it-if-it-isnt-5.png
www.begin-it.com/media-content/blog/ 0
0

GET
H2 200 security-enhancements-in-windows-7.jpg
www.begin-it.com/media-content/security/ 6 KB
7 KB 37ms
32ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/security/security-enhancements-in-windows-7.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e0d048e46a968c6c4b205eb6ba5e222b7388760725676463c2eeda1902a2ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14822788
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6326
last-modified: Sat, 01 Dec 2018 10:01:40 GMT
server: cloudflare
etag: "18b6-57bf3008c0900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwMs2%2BFRAOI0nW57A%2FFrfabujXK55ObWCObrt4uZskWtK8JYSdrB4xCjSjDk0I0E64ZU26WFTaluuK8K%2FLT3KJYlqp6ZoQXu2a0uJ%2B9Xdafl0thxJUdlCA8BzOsS0aS87PdR5eyjTfIFjuuZu3XA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec3b5c9e-FRA
expires: Sat, 23 Apr 2022 05:32:00 GMT

GET
H2 200 msn-releases-panda-in-peril-wallpaper-pack-for-windows-7-1.jpg
www.begin-it.com/media-content/downloads/ 62 KB
62 KB 208ms
202ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/downloads/msn-releases-panda-in-peril-wallpaper-pack-for-windows-7-1.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea77a2f2f77927fab08070bdeb554795f009b1e46beac21710a855f2efad5b5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63263
last-modified: Sat, 01 Dec 2018 10:15:55 GMT
server: cloudflare
etag: "f71f-57bf333824cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfWe3kBMbCB6ri7PDMIqMX7R7boTPxoWLo2qx22J%2FL4%2Fy%2BofHnhGo76C7Pidgjkf3udDSo96liVTFMugEMaQSxgEWZIftopbSK%2FeAW5xUQqhx5iKznfTcNpc%2BiTBblxks59l%2BBgTuM21AX%2BGnG4W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec3d5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-use-known-folder-move-feature-on-onedrive-4.png
www.begin-it.com/media-content/general/ 64 KB
0 220ms
214ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/general/how-to-use-known-folder-move-feature-on-onedrive-4.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 108237
last-modified: Sat, 01 Dec 2018 10:39:29 GMT
server: cloudflare
etag: "1a6cd-57bf387ca3a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhLTBZrJFGt1fkhhpLyS5io4E73F6JAEqJ%2Bk08mFz71UHrE%2BTebrof0RCjUuA6Ekg9Am%2FS9cej0dtQbsNfr%2FcEV7r1vvg3DA7v1e1uEYcNUkVnX7fdQeO4PfSn8Df%2FUGMEHpPq3ttMh2qfkm%2BMNO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edec405c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET windows-software-repair-tool-will-help-you-fix-windows-10-problems-2.png
www.begin-it.com/media-content/windows/ 0
0

GET learning-to-use-the-registry-editor-like-a-pro-1.jpg
www.begin-it.com/media-content/school/ 0
0

GET what-is-alexas-brief-mode-and-how-do-i-turn-it-on-or-off-5.jpg
www.begin-it.com/media-content/blog/ 0
0

GET enable-run-command-on-windows-7-or-vista-start-menu-3.png
www.begin-it.com/media-content/howto/ 0
0

GET install-subversion-with-web-access-on-ubuntu-2.png
www.begin-it.com/media-content/howto/ 0
0

GET
H2 200 email-decode.min.js Show response
tw.begin-it.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
8ms Script
application/javascript 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.begin-it.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tw.begin-it.com
referer: https://tw.begin-it.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 10:51:03 GMT
server: cloudflare
etag: W/"615c2e17-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1AwDwj1D%2B0eCMJ3r4dYOMDlwUX5VFg1erKiiUBC%2BDZM8u1%2BFyu0A6wRhIwavHwdfVBYoGDBBnrDX0wkKKNJlkQUfr7gowcQaxQiLPfJlrJ8p%2F3l%2BDpe%2BlMFDndFyElMX70j4%2BykQR%2B%2FqoN%2F%2F2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ca51ed9b1a5c9e-FRA
vary: Accept-Encoding
expires: Wed, 13 Oct 2021 18:58:28 GMT

GET
H2 200 adv.css
www.begin-it.com/template/begin-it/css/ 30 KB
20 KB 31ms
30ms Stylesheet
text/css 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/css/adv.css
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9d13be9488e97d6678826bcb5ce49ea0451f16292f5bbcdcacbd4be779b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55565
cf-polished: origSize=30710
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Oct 2020 13:51:00 GMT
server: cloudflare
etag: W/"77f6-5b1b5f0297900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8wyFb89ag3PmNwIC7NNQWyCONnLIH058ytlnV16iBKY1%2B9%2FlqvuBESC83UhwEYCvcuIIBPV39uac1Yl%2Bd86bN5DbrFJ40i0ITA7saiWQoGWk0MzUw8uCNizic1n2Cic99MtIpoGMhAsHNBJjt5d"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 69ca51edcbd15c9e-FRA
expires: Mon, 25 Oct 2021 03:32:23 GMT

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 217 B
429 B 44ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:45:08 GMT
server: nginx/1.18.0
etag: W/"61308f14-d9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 11 Oct 2021 19:58:28 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 / Show response
gomajor1.com/ 14 KB
15 KB 85ms
29ms Script
application/javascript 104.248.83.85
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gomajor1.com/?pu=gnsdgnjsgq5ha3ddf4ytonbw

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.248.83.85 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

58ff075e58198f332a7b23c7172f3f3a53248b11360012adf858f3ddcffb7d09

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Oct 2021 18:58:28 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 39ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2016 19:11:56 GMT
server: nginx
etag: W/"56cb5d7c-14e7e"
vary: Accept-Encoding
x-hw: 1633978708.dop204.fr8.t,1633978708.cds224.fr8.hn,1633978708.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H2 200 jquery.unveil2.min.js Show response
www.begin-it.com/template/begin-it/js/ 3 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/js/jquery.unveil2.min.js
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 841713
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 19 Dec 2017 09:37:11 GMT
server: cloudflare
etag: W/"b2e-560ae360dbfc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK0O0e02U9xYc7UdMuof0FCGbsM4Z7w0Af6cQCw5sXHUTEoffvIZn1LEfg1x8Nq4ItWzD5k0tGnJfR1Ea5EEhBbGETm7rXingH3DE6Tp6NrP1V48d2gm3pX8y4ML3rFINCv1dNiTr4uVfRUHsr9S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 69ca51edcbd35c9e-FRA
expires: Sat, 16 Oct 2021 01:09:55 GMT

GET
H2 200 css_iu67St59R6d9HI5J1qgGkhgBg53nYFN6bFaPnHZTaQA.css
www.begin-it.com/template/begin-it/css/ 9 KB
3 KB 20ms
19ms Stylesheet
text/css 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/css/css_iu67St59R6d9HI5J1qgGkhgBg53nYFN6bFaPnHZTaQA.css
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70abc7e86e8bb936a064a3ef5391f9955824b6b1e9b547297d606a415d5ba47c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329618
cf-polished: origSize=9307
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Jan 2018 18:00:00 GMT
server: cloudflare
etag: W/"245b-5620b37918800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Hi2lEaiauXk19e5mB6OohHKs9UnX9qVdmMS%2Bvmy%2FdSefwh2CNU4JERBIXUwcQt3iOEEyDoFh0dKAl%2BYf%2FNY6ew%2BW7udnuIjNICvdFgZOPtO4VzvCIZj7tFRgF0nrIYdpaoBidPmNdLKrCxQmhnS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 69ca51edcbd55c9e-FRA
expires: Thu, 21 Oct 2021 23:24:50 GMT

GET
H2 200 css_InF-aopv9jkJsvkkvgTauwt__j89w4NDEtLmzrRoRy8.css
www.begin-it.com/template/begin-it/css/ 147 KB
25 KB 34ms
33ms Stylesheet
text/css 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/css/css_InF-aopv9jkJsvkkvgTauwt__j89w4NDEtLmzrRoRy8.css
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285f17377c17b0c60127eb2f5ce1590cc9fa3e1c90ed3e5293eb696cd647102c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 578279
cf-polished: origSize=152595
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 31 Oct 2018 12:06:00 GMT
server: cloudflare
etag: W/"25413-57985201dfa00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HChMGhGAQvRQbRPW6w1Qj3EHMdqf%2B%2FI2upWVLRDBbtTqHW11uGeGbu9aNI538eEwzYIhxpbsUSf0U0QD2rlJ7ywGzlzmIlJh7VMlS9iBqKRrqfHLvmcuyZTAUdZnGtQsiqRopI%2FrIax%2F48BbkyUW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 69ca51edcbd85c9e-FRA
expires: Tue, 19 Oct 2021 02:20:29 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 36ms
14ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 352708
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1b00e9671224b437bf3914cf33baf521
cf-ray: 69ca51edea615b50-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
www.begin-it.com/template/begin-it/css/ 30 KB
7 KB 19ms
18ms Stylesheet
text/css 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/css/font-awesome.min.css
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56251
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Jan 2018 18:00:00 GMT
server: cloudflare
etag: W/"7918-5620b37918800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAcRbZAbWLsQrM1kEiT9%2Fi0giQNgKSRJgNsyjLiqEtbomDruEkBfWH147YGp8L6gC2A%2Fl%2FbUtB0ztS3%2BiDFpH6lzoe2RT71Ubqqm1z4ptmzJHpWwhohROxViYCGwXBM2DhINahB0GxxxUD4YBugx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 69ca51edcbdb5c9e-FRA
expires: Mon, 25 Oct 2021 03:20:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 50ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Merriweather:400,700,900%22

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

834cdc35d0e1ef02ac8a1da128635b88c80fff60550714e4786b610d265104ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 18:58:28 GMT
server: ESF
date: Mon, 11 Oct 2021 18:58:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 18:58:28 GMT

GET
H2 200 likely.js Show response
www.begin-it.com/template/begin-it/js/ 21 KB
8 KB 24ms
17ms Script
application/javascript 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/js/likely.js
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c661bbfea21e5f598421e76f9e6d77478cd7207e208864c7d7364da8ae2935

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 578279
cf-polished: origSize=21145
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 04 May 2018 18:00:00 GMT
server: cloudflare
etag: W/"5299-56b6516af2800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVUFxsA%2Bpx%2Fl%2BzD32lYANzYgM332fH4b7amuxk8hbXaIvYLGx8pVYDXhlHIiyjz%2FdKuyNLrPdFQv2ncCiWt2hy9GsfTGngisn%2BrMopft5dw%2BDsMZ2z8U4uj4uL%2FPe%2FAQ2PXMUCca8ILpm1BounnV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 69ca51edec075c9e-FRA
expires: Tue, 19 Oct 2021 02:20:29 GMT

GET
H2 200 likely.css
www.begin-it.com/template/begin-it/css/ 9 KB
2 KB 38ms
31ms Stylesheet
text/css 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/css/likely.css
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c7b804da7d2ba6572971c3f08f1e6e7e97c0c4a103c73f70ec24e6c95bc800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 705776
cf-polished: origSize=9636
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 04 May 2018 18:00:00 GMT
server: cloudflare
etag: W/"25a4-56b6516af2800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbTvcPgiDzrchnSKg2ZzU31vdQ0jzpBrEbKKiKnH2YINfE1WqEeEu5H1zGaOMH0j3VBAPtDrNyvZB6yAOqb0qx7s%2FjhWosdKiewJtGIojnEA3%2FjO6d%2FDCC454iV%2FyFcCdEvud8Rqlsa64BborDXa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 69ca51edec085c9e-FRA
expires: Sun, 17 Oct 2021 14:55:32 GMT

GET
H2 200 js_SxPS0LzeRTBop1wPdaE3ympAyqofV2mLG1wKjw90MFo.js Show response
www.begin-it.com/template/begin-it/js/ 88 KB
32 KB 29ms
22ms Script
application/javascript 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/js/js_SxPS0LzeRTBop1wPdaE3ympAyqofV2mLG1wKjw90MFo.js
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1503fa2578ee06d2efdf865316b95389916fb20681c95dd52f8f2e1a0e1f540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305430
cf-polished: origSize=106072
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Jan 2018 18:00:00 GMT
server: cloudflare
etag: W/"19e58-5620b37918800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeG07%2Bw3Nsj0WuEl5PkKSM16LrMPIuiXayxt90eA5ec0kHVYTcgu%2FLuFZmQBBLXTtTLdMVKK%2FXqKfl%2BGvBAbkl9v5CV%2Bjs1mJTOTD7r2kJkIJsXEeVghI1W7bLdrJCfOEh%2Bq4U%2BcDAREMOWmvM6V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 69ca51edec0b5c9e-FRA
expires: Fri, 22 Oct 2021 06:07:58 GMT

GET
H2 200 page.js Show response
www.begin-it.com/template/begin-it/js/ 76 KB
26 KB 44ms
38ms Script
application/javascript 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/js/page.js
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb1c4868dce3c02d10d8a8622f411f2cb7489ede82b0a62dc6d5b7e273abbbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305429
cf-polished: origSize=77533
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Jan 2018 18:00:00 GMT
server: cloudflare
etag: W/"12edd-5620b37918800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgPwmBNJ2NP8cPrgdal5MH6TMCWBeJ1R1W57dJqHqEjjZOYj4wgBtlopcrv5tDEL3ivVLm%2BSWao7A%2B2RomyTPRuiNGOkZGIGaij1I5N3p2kUE29OnVNEYvz1OOm9myqylq9ITar8mGYcRV3aI5Bu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 69ca51edec4d5c9e-FRA
expires: Fri, 22 Oct 2021 06:07:59 GMT

GET
H2 200 js_yCAUhWPyylcX6XBp1jFmGfrayDtkx1XtSGAxcqelSiA.js Show response
www.begin-it.com/template/begin-it/js/ 149 KB
36 KB 36ms
29ms Script
application/javascript 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.begin-it.com/template/begin-it/js/js_yCAUhWPyylcX6XBp1jFmGfrayDtkx1XtSGAxcqelSiA.js
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2aad1006e6b7399427618b291d9d8a991c0ea03458955c32070731cd7841e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57554
cf-polished: origSize=157913
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Jan 2018 18:00:00 GMT
server: cloudflare
etag: W/"268d9-5620b37918800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC1VlUuT9IF1siykQy1FSeIs9%2FOdHxGgKlpvrud0OqnCTGg5AdRwvw2yaGus8dyJTtEyevQWmw6mwqXpOnfX7Z6P7hcJbb%2BvuU%2F245xJFtGffl92xdBQZ6hmQNuOQhCnseXvxCDoEfmIZGT%2BS1Cn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 69ca51edec0d5c9e-FRA
expires: Mon, 25 Oct 2021 02:59:14 GMT

GET
H2 200 drm56_19091901.js Show response
cdn.zx-adnet.com/adx/ 144 KB
19 KB 231ms
199ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/drm56_19091901.js

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6639f11bcf2906dad050c0fa84caa8902497017bbcebfcfc9273d79827deb5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 13 Sep 2021 06:21:51 GMT
x-timer: S1633978708.169669,VS0,VE193
etag: "c234ef487b53e95cf50074e726d4ce42d042badaa40471aec2944a731ab80ce6-br"
x-served-by: cache-fra19124-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Mon, 11 Oct 2021 18:58:28 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19461
x-cache-hits: 0

GET
H2 200 using-autoruns-to-deal-with-startup-processes-and-malware-9.png
www.begin-it.com/media-content/school/ 122 KB
123 KB 184ms
181ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/school/using-autoruns-to-deal-with-startup-processes-and-malware-9.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40be7c5eef537ae6e12f877bd2c2010215606f441bcec1053b8551afa344a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 125077
last-modified: Sat, 01 Dec 2018 09:35:38 GMT
server: cloudflare
etag: "1e895-57bf2a371ce80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00nufB8%2FpNoGF%2BPYlVe2slSjcTaeazuI5ykB19uefwmK8h17tO%2BRPSzbLt%2Bki%2F9Otb5iZj%2BE8f2yEVbmV8QTZ9v1NGsP60Pf54yiqZVjHuqgo8bx94uQXPhDxOUGoJDf%2BPtK2BIu0K9quzkEyWvg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbaa5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 why-does-photo-paper-improve-print-quality-1.png
www.begin-it.com/media-content/howto/ 62 KB
62 KB 128ms
125ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/howto/why-does-photo-paper-improve-print-quality-1.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b7abef205369831080040965db1ec7e9493129404a80ad39d8e9bad5395635b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63052
last-modified: Sat, 01 Dec 2018 09:21:49 GMT
server: cloudflare
etag: "f64c-57bf272084540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBxBH6Vp9dS1oR1RPAZvx3DcI9HF0%2FqNSwiEXVjPua%2FRPTce83O8YXQ56LAUtnBOWsfBlrOkqLheDXWmyQSDHCiDO1cX%2F%2BkYybiFk%2BbtIQ8MIgkomH%2Fwiy2N3LHnpIpa9JjbndYVwG%2FB5%2F237sD%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbb05c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 7.jpg
www.begin-it.com/media-content/windows/how-to-create-system-repair-disc-in-windows-10/8/ 28 KB
29 KB 144ms
141ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/how-to-create-system-repair-disc-in-windows-10/8/7.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88432f37d7f0ad4a184d22b8bdd63354cb2371c917537971ed3af86bb86591f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28958
last-modified: Sat, 01 Dec 2018 13:28:43 GMT
server: cloudflare
etag: "711e-57bf5e503f8c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0l2bf6btTudEgjbEbFB%2Fwxw%2FuRid829Q5Tx4g4L6sXNsbGHMiHi6XzxspwzIF1tOu60OES81SGs0XGvYv7ZutmUBJoZluU7pazm3VZlxry8tL%2BUWwN83sKvRzteCZBOEZuVMd75EtDXDQ9qRo6g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbb45c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 jaback-free-backup-software-with-email-notification-4.jpg
www.begin-it.com/media-content/downloads/ 41 KB
42 KB 128ms
125ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/downloads/jaback-free-backup-software-with-email-notification-4.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e255c8052f3f1cd10fd10de0c7044de3be4f6bf7bb4c916f961cefc51c8bb6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42323
last-modified: Sat, 01 Dec 2018 10:25:36 GMT
server: cloudflare
etag: "a553-57bf35623a800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtcA6qbWmGkcVnVuf8U4T5EDHPFMTP1UvTVfWfcO3ZRM61IH4j3nFLFuMUBBD5F5QSRQEC%2FyX8ny6SWkNm3tR8%2F8YA67BWioP1rldGDJRfrP95E9TTS8JtCHv%2Bto%2B0Tx4oQBxgdkKhlhAuDB2nRj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbb65c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 activate-or-deactivate-picture-password-sign-in-in-windows-8.png
www.begin-it.com/media-content/windows/ 68 KB
68 KB 184ms
182ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/activate-or-deactivate-picture-password-sign-in-in-windows-8.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6fd10b1c55efe0f9f6c8d2a3028508b8cc2725db9ac99972c25f492134ed354

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69191
last-modified: Sat, 01 Dec 2018 13:20:34 GMT
server: cloudflare
etag: "10e47-57bf5c7de6c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTlKERu9j9dfniiZJFZrCz0bxbZHhaTf%2F2YNanBfmR0IXKFxQw06rFCSdpWV4Yb0DOunJg3Y8TYe%2FA1nU3CfcsfiXmAGMMbfAks1a0qSVthJhK2mslZX%2F0HKqvSIwzZh8%2Fk9XOKbbpIjB4GQdGpr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbb75c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-avoid-fake-and-scammy-amazon-sellers-3.png
www.begin-it.com/media-content/blog/ 194 KB
195 KB 159ms
156ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-avoid-fake-and-scammy-amazon-sellers-3.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1f9a46f94ccfcf18d97a1f83b40ed248b60387c03392a65ac21ac5d8946357

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 198789
last-modified: Sat, 01 Dec 2018 12:24:16 GMT
server: cloudflare
etag: "30885-57bf4fe863c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksdfUE1YkPHULFz3CO1fFmsS2MSom8ntM6urpMsYt2vmDGeba2einqxB2Sq7wt1mKTrrr2RZN9HiX9875ueaJEBKJ5j6cQ4FY7xT974Y73a6NreeECqjaa%2Bl%2FAQcbtHb0HAoXnkGbWTbOM4y0xRK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbb85c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-credit-card-skimmers-work-and-how-to-spot-them-5.jpg
www.begin-it.com/media-content/blog/ 35 KB
35 KB 166ms
163ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-credit-card-skimmers-work-and-how-to-spot-them-5.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51aa559742c43f258744a879926dabab22e619486953534fc253f97cb22f0ff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35591
last-modified: Sat, 01 Dec 2018 12:35:21 GMT
server: cloudflare
etag: "8b07-57bf526295440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAeCEKBy7gn6NxkOlj2nreSWw%2FUJtdHTCDmXOn5EfZSE7%2BlaSw0fj8L0PzWLQaY9TXJS0rIkJ1ktIo7km2sQYzNHwwNNsY7HX%2BlhuNKTjaqFHnDeHT2aersikHalbill%2F4ZjxGX9F7MlkSokaEP%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbb95c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-train-alexa-to-recognize-different-voices-and-give-more-personalized-answers-11.jpg
www.begin-it.com/media-content/blog/ 27 KB
27 KB 188ms
185ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-train-alexa-to-recognize-different-voices-and-give-more-personalized-answers-11.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1def25b3d1956fcfc9115ec1332b77448de715be6a3b75de07ee66b2dc53c889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27416
last-modified: Sat, 01 Dec 2018 10:48:50 GMT
server: cloudflare
etag: "6b18-57bf3a93a6880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N6G0%2FeaGqkuR2LhpQERi4VGkyXdBph2UyittI1%2BdawudVH4IsC24i%2BN%2BzBrwYw7Iewe5A%2BnowM%2FiwysfrTX96LSOskLZT7MFt2mVRdk7DJIPNilwwb%2F%2BNSNQXkmiHe1%2F05mcmBpHsouHb6C6%2FpO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbbc5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-delete-your-instagram-search-history-1.jpg
www.begin-it.com/media-content/blog/ 23 KB
23 KB 172ms
169ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-delete-your-instagram-search-history-1.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2dbf13d0063a7c753f9cce14ffd6d2105bc9d1493c9270bd9c596e9ed98005

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23198
last-modified: Sat, 01 Dec 2018 12:00:39 GMT
server: cloudflare
etag: "5a9e-57bf4aa1087c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSS4VPZ2FmsaoTBlSzs01dTKUNGTjUrxgderWuylCNYDKDiHA1qH28vsrb0ZaGwabJPHIicSg84ghUBLlb4S3j3uvi4WZcnqwPpnLs9bzR7IA2uVpxdLxz5JgLu2YvSJyENdpqZeqsAJjFfZ%2Byy7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbbe5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 how-to-create-a-local-backup-of-your-synology-nas-17.png
www.begin-it.com/media-content/blog/ 323 KB
323 KB 190ms
188ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/how-to-create-a-local-backup-of-your-synology-nas-17.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c01038466dc5332d5fe894a3df255e88d3b809367b7780a837591d094283bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 330264
last-modified: Sat, 01 Dec 2018 12:08:14 GMT
server: cloudflare
etag: "50a18-57bf4c52f4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjynUSF8AibNJfBBsxvOEL5bS43%2BwQtS03D0eJXJjmory5Z0BHuIbm%2FtGixfXx3GjoAmwn4h34RUVnKSb1Z7PNmCEhTqYxFLYWt4dwGxUOS7GeGxO9rNla9oTL1rr%2Bs%2B8UXXYr0yGA5hFCZ6o1f7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbc15c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 googles-reply-app-will-soon-bring-smart-replies-to-other-apps-7.png
www.begin-it.com/media-content/blog/ 89 KB
89 KB 185ms
183ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/googles-reply-app-will-soon-bring-smart-replies-to-other-apps-7.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c49205cc3067cc2740f369a755183759af124870c94685c2dfc1d03e5c9fd53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 90642
last-modified: Sat, 01 Dec 2018 12:38:15 GMT
server: cloudflare
etag: "16212-57bf530885bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bnfva8N%2FbX%2FfZF8reC3sDDvxrLgshKVlEBcG6F0Rf%2BroS5RhPNVg9yOOMXeKnQSjDgr2Beo8GIIKygxwHW5h8GtG5Su%2FNLqNbHrwmr4bOVLHBZDCSHq5yNb4hZ%2FrWUQqpciCt59MZIfVQwrVLVRq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbc35c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 four-tools-that-automatically-download-stunning-wallpapers-every-day-6.png
www.begin-it.com/media-content/blog/ 557 KB
558 KB 153ms
151ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/four-tools-that-automatically-download-stunning-wallpapers-every-day-6.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922b81325fd63de380c45504adf39b66bae527bcec34a7acfb356f4a8861fe04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 570695
last-modified: Sat, 01 Dec 2018 12:43:58 GMT
server: cloudflare
etag: "8b547-57bf544fa1f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJDY6UlSqQIz7m4mJJIldeWyjd4L54S5m%2B4VDqfxVtdQsTGyrxIG1mQzta%2BQK8siTeQPTydM4Saa2hUOurisvrfH%2BZnE1clDQz9V1y5VmyuV4NCAmEGJgbTnNZp7LoS278K7D97ON2eTUfdPOxj5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbc65c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 what-is-xbox-live-gold-and-is-it-worth-it-4.jpg
www.begin-it.com/media-content/blog/ 50 KB
51 KB 146ms
145ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/blog/what-is-xbox-live-gold-and-is-it-worth-it-4.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e15ccb44dc89e947b82ba2487d7acdce0cbc548ccd988d262c590a9bbe71b17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51186
last-modified: Sat, 01 Dec 2018 09:25:59 GMT
server: cloudflare
etag: "c7f2-57bf280eef7c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37Z4gSDqgwGeFml8hkJHTSn3R5K3rB3sretgCcR3M%2Fa0EWss5NJ6YytGqNNJFma2tD6V4k4wLC0UDizF8O4tE9eYM%2FVYqnH%2B6jc9eIbD8AiZOEvGKN3fnFeJmMDaJRfvGS7LgezG%2BOKq5SE5RMgr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51edcbce5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:28 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 272 KB
98 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3408867980044490&plah=tw.begin-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7bbd27ca943bdc46260ba219f8d5d9a6dea1e54d1f4d2c5710cf06c2ba22d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99730
x-xss-protection: 0
server: cafe
etag: 3958146673256433756
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:58:28 GMT

GET
H2 200 how-to-change-computer-name-in-windows-10-1.png
www.begin-it.com/media-content/windows/ 332 KB
333 KB 1092ms
1091ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/how-to-change-computer-name-in-windows-10-1.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c674120a3773bd7945e4c16e0c6b7daca07d088b7e32748bbcab3a69bb399e35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 340305
last-modified: Sat, 01 Dec 2018 12:19:31 GMT
server: cloudflare
etag: "53151-57bf4ed897ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekqD9khWiCkTWDIqtPjaZTs6cSsKh%2BMHEvsVS4r3OxlbXpqD%2FcvWnHdjmU41qLwE5gFmq7GAtAupu8NPyEIX3m%2BJXJ9AErDEY%2Fwdqi3997w%2BMRP4GPO%2FtzDfqEArx4hxgtPZAJt5fi68q1J3a9Bm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ee4d335c9e-FRA
expires: Tue, 11 Oct 2022 18:58:29 GMT

GET
H2 200 target-of-internet-shortcut-is-not-valid-error-for-ie-3.png
www.begin-it.com/media-content/files/ 58 KB
58 KB 1192ms
1191ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/files/target-of-internet-shortcut-is-not-valid-error-for-ie-3.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf083ec08f9a46d16bc2f13bdd65367a137a1bf71131cd0a35d96c8390314d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59195
last-modified: Mon, 03 Dec 2018 09:36:58 GMT
server: cloudflare
etag: "e73b-57c1ae3f3f4d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLaTxHz4Yq6CbUGuvJIFlY9QESZpvUitmvcxg3ZDvmoIAuJpcdE7Qn5erh8hVT7hpzR90LZkKFZcE6Pk89qDtSWT1YoRZqRBcQJ%2Ft0%2FeeDR5yJvIZbtFRqVDOTnbbeGd3tnSBc%2FlHIGK6Vkt%2Bm82"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ee4d355c9e-FRA
expires: Tue, 11 Oct 2022 18:58:29 GMT

GET
H2 200 convert-a-hard-disk-or-a-partition-to-ntfs-format-3.png
www.begin-it.com/media-content/windows/ 57 KB
58 KB 1198ms
1197ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/convert-a-hard-disk-or-a-partition-to-ntfs-format-3.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4567d2ed5505e7369d2033759a6f70ed67f5e65b3e471c13e10fa48b1c8981a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 58434
last-modified: Sat, 01 Dec 2018 13:02:20 GMT
server: cloudflare
etag: "e442-57bf586a94f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fzx8u1dxQ2PN61IVeOIX55V9CkVKD2y4NH1QXyimuarDcRiOnkgcfk5MGkm0jcg0HT4mvTYWa4OsU6T92pGc4KzMYQVtfO0BWaioTqhRI%2BmZ1Se6qhYFwieY5Xh4SHnndfrE0xPl9Q2l9f56pBHp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ee4d3b5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:29 GMT

GET
H2 200 how-to-disable-internet-explorer-end-of-life-upgrade-notification-1.png
www.begin-it.com/media-content/files/ 170 KB
170 KB 1079ms
1078ms Image
image/png 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/files/how-to-disable-internet-explorer-end-of-life-upgrade-notification-1.png
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7a845e8af3477b2aeb4ddfd4f46cc69c66d07b955319f42870416f9ec54dc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 173811
last-modified: Mon, 03 Dec 2018 09:36:56 GMT
server: cloudflare
etag: "2a6f3-57c1ae3cb8d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRLaFU4LnR0YZwkGG6LFUvtCLKEkr4cFVy2uj6OMv40hepzRBnhgnbDrPgRyBf7m3LlFDnsr%2BLsy96EzHmSdw6wHL5Kr3%2FdDiM36ZVQ3GE58abSztZlW8u9UFxaVG9PlmlCNPJtbnqZpITmdRbo5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ee4d3d5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:29 GMT

GET
H2 200 languagetool-free-grammar-spell-checker-desktop-software-online-tool-2.jpg
www.begin-it.com/media-content/downloads/ 40 KB
40 KB 1092ms
1091ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/downloads/languagetool-free-grammar-spell-checker-desktop-software-online-tool-2.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f21aa21425d61e033de09883b7cab5a4d07350ce5a3dee8c3c3584bdeb2cb06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40495
last-modified: Sat, 01 Dec 2018 10:24:18 GMT
server: cloudflare
etag: "9e2f-57bf3517d7880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7Yz3ppIvvdutDYhtXFBTGBqpP5zsByoL3m6MUc70f4K88mDoFR0hrenn9EPtaCrE3Rt%2B4CYUkO4MpufFZTxk3n1tlNF4XoGcIunGt4pOz9yX%2Fug7LUVg01RFNBvsIe8A3uQeU%2FD%2BdvgBZ2RqQAB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51ee4d3e5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/ Frame F907 10 KB
5 KB 43ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211007/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 11 Oct 2021 18:55:18 GMT
expires: Mon, 25 Oct 2021 18:55:18 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 190
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tw.begin-it.com/;0.44495078158928125
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tw.begin-it.com/;0.44495078158928125

43 B
528 B

47ms
47ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tw.begin-it.com/;0.44495078158928125

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Oct 2021 18:58:36 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 10 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Oct 2021 18:58:35 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tw.begin-it.com/;0.44495078158928125
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 10 Oct 2020 21:00:00 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 48ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Merriweather:400,700,900%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tw.begin-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 17:03:52 GMT
x-content-type-options: nosniff
age: 352476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 17:03:52 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
20 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Merriweather:400,700,900%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tw.begin-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 10:51:38 GMT
x-content-type-options: nosniff
age: 115610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19792
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 10:51:38 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 20 KB
20 KB 23ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Merriweather:400,700,900%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tw.begin-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 20:15:50 GMT
x-content-type-options: nosniff
age: 600158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:51 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 20:15:50 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 191 KB
65 KB 128ms
57ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: br
last-modified: Mon, 11 Oct 2021 14:37:52 GMT
etag: "61642210-1031a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 66330
expires: Mon, 11 Oct 2021 19:58:28 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 64 KB
25 KB 24ms
10ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35

Request headers

Referer: https://tw.begin-it.com/
Origin: https://tw.begin-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 15:35:33 GMT
server: nginx/1.18.0
etag: W/"61572ac5-fef5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 11 Oct 2021 19:58:28 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
239 B 6ms
6ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 13 Sep 2021 06:21:51 GMT
x-timer: S1633978709.785599,VS0,VE0
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-fra19124-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Mon, 11 Oct 2021 18:58:28 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 2

GET
H2 404 ajax-loader.gif
www.begin-it.com/demo/portal/news/themes/custom/portal_news/images/ 0
0 1710ms
1710ms Image
text/html 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/demo/portal/news/themes/custom/portal_news/images/ajax-loader.gif
Requested by: Host: www.begin-it.com
URL: https://www.begin-it.com/template/begin-it/css/css_InF-aopv9jkJsvkkvgTauwt__j89w4NDEtLmzrRoRy8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.begin-it.com/template/begin-it/css/css_InF-aopv9jkJsvkkvgTauwt__j89w4NDEtLmzrRoRy8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET fontawesome-webfont.woff2
www.begin-it.com/template/begin-it/fonts/ 0
0

GET
H2 200 chkdsk-or-check-disk-will-not-run-at-startup-in-windows-10.jpg
www.begin-it.com/media-content/windows/ 63 KB
64 KB 1712ms
1711ms Image
image/jpeg 2606:4700:3035::ac43:a0e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.begin-it.com/media-content/windows/chkdsk-or-check-disk-will-not-run-at-startup-in-windows-10.jpg
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a0e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b8201dc6caf3c5e9f9fa049331748030ff9cc883950bc6a7b09d9f42a2c867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64827
last-modified: Sat, 01 Dec 2018 13:04:43 GMT
server: cloudflare
etag: "fd3b-57bf58f2f50c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bq7%2FbmG5dIMkzbOwOwQ5c6P6CRSie7E3Y2Dt1haX1CVY7OFBETw63qldyp2C5h8UJvQJRzu9Q9AGuoxvX2YKJzt0U7aDIQQwVkSaenim0%2B6w94pTwU5VDaQopmihkoyrvQpSm9vxa2YQxFePp8bx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69ca51f25fdb5c9e-FRA
expires: Tue, 11 Oct 2022 18:58:30 GMT

GET
H2 200 ca-pub-3408867980044490 Show response
fundingchoicesmessages.google.com/i/ 70 KB
26 KB 63ms
40ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3408867980044490?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3408867980044490&plah=tw.begin-it.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24f88fdcef8aaeb1fcd5fafa896cd20d3d7384c14cf236f52ab81ff8596a00f8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7z1gdBZFZ4Un7Mnac+bvjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-7z1gdBZFZ4Un7Mnac+bvjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7z1gdBZFZ4Un7Mnac+bvjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-7z1gdBZFZ4Un7Mnac+bvjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9423.NzlobYtN_QTfL2tiaWdH8jPLVtznCgL9eBD0kikkNaYUBS0LpWSnsEd6hAsCEftJ.VQaa1fbSPXjfW7uwBHTSsjG5qGo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9423.5G6qnqNNu6M_ZwruKCG8Hc87ijHuafB0j5AMCxRJIpDxcGROjQVaduq5yf_Bz0iupyc4Jn6NQRmxLJN4X2mzRA%2C%2C._hiskVdrPt4GswDMlizA2Timd_8%2C

75 B
75 B

32ms
32ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9423.5G6qnqNNu6M_ZwruKCG8Hc87ijHuafB0j5AMCxRJIpDxcGROjQVaduq5yf_Bz0iupyc4Jn6NQRmxLJN4X2mzRA%2C%2C._hiskVdrPt4GswDMlizA2Timd_8%2C

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9423.5G6qnqNNu6M_ZwruKCG8Hc87ijHuafB0j5AMCxRJIpDxcGROjQVaduq5yf_Bz0iupyc4Jn6NQRmxLJN4X2mzRA%2C%2C._hiskVdrPt4GswDMlizA2Timd_8%2C
date: Mon, 11 Oct 2021 18:58:29 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 38ms
35ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
last-modified: Fri, 08 Oct 2021 08:33:42 GMT
etag: "615fd836-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 11 Oct 2021 19:58:28 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
390 B 334ms
334ms Script
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://tw.begin-it.com/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-fra19124-FRA
server: Google Frontend
x-timer: S1633978709.982234,VS0,VE328
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 01ac6b62422be86233ea55e772f40356
cache-control: max-age=3600,public
function-execution-id: rd3molnypyw7
accept-ranges: bytes
x-orig-accept-language: de-DE,de;q=0.9
x-country-code: DE
x-cache-hits: 0

GET
H2 200 2013 Show response
na.nawpush.com/tags/ 257 B
374 B 53ms
12ms XHR
text/plain 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/2013
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0c1d3eaf5661963a0f55ff453fb8c77048d6160d4b37a422c572a761a9e3cd29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 17ms
17ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:28 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 11 Oct 2021 19:58:28 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

POST
H2 204 AGSKWxUCnbbV0Io9yDXFFvVAa0spuVmM3wmCI087WsqU1LThWovlb_T0ExyNeCt5rSJHOcyZfuyt7bdxxmiVJrOcvg== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 47ms
26ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCnbbV0Io9yDXFFvVAa0spuVmM3wmCI087WsqU1LThWovlb_T0ExyNeCt5rSJHOcyZfuyt7bdxxmiVJrOcvg==?pvid=A0E375A0-91A8-4459-B2D5-0888EE86095A&anonid=F414469B-DE21-42A9-A669-3CB0E6FBA6E2

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ZGIvLEcGZz8.es5.O/d=1/rs=AJlcJMxdG92HgWtdihCddSLl5t2p7qpF5w/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mbGzo7JUZav3CXrqrvaSJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mbGzo7JUZav3CXrqrvaSJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mbGzo7JUZav3CXrqrvaSJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mbGzo7JUZav3CXrqrvaSJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWC5TcEo2T5GQILAD0cvViBhmlHDzTJ5ai7gI8Vrm7g0J9DcF1jrx--I72I_ZC9ulQhPIeQb25otJzMOp4P-Q== Show response
fundingchoicesmessages.google.com/f/ 46 KB
18 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWC5TcEo2T5GQILAD0cvViBhmlHDzTJ5ai7gI8Vrm7g0J9DcF1jrx--I72I_ZC9ulQhPIeQb25otJzMOp4P-Q==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzOTc4NzA5LDczMDAwMDAwXSwiQTBFMzc1QTAtOTFBOC00NDU5LUIyRDUtMDg4OEVFODYwOTVBIiwiRjQxNDQ2OUItREUyMS00MkE5LUE2NjktM0NCMEU2RkJBNkUyIixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vdHcuYmVnaW4taXQuY29tLyJd

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ZGIvLEcGZz8.es5.O/d=1/rs=AJlcJMxdG92HgWtdihCddSLl5t2p7qpF5w/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fc847f029d0b8c1f412ba0b0624f8ff4c482fa2f0d3a356b0724247651ba450

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Wbk8+vGxN5JtqOMtjRiD1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Wbk8+vGxN5JtqOMtjRiD1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Wbk8+vGxN5JtqOMtjRiD1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Wbk8+vGxN5JtqOMtjRiD1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
660 B 42ms
17ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tw.begin-it.com&callback=_gfp_s_&client=ca-pub-3408867980044490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f77f68a8a3cd10d74490167388a25ec5638b6a95fdb1954f9577618132e32678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 46ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tw.begin-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 46ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tw.begin-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8900 273 KB
70 KB 666ms
665ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&adk=1812271804&adf=3025194257&lmt=1633978709&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftw.begin-it.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=5&bdt=180&idt=644&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=274831934367&frm=20&pv=2&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=870

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee0a3e9b6af6190b280e6cf5d89b19ec1f48460b42f71a534dde6aeb00256d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&adk=1812271804&adf=3025194257&lmt=1633978709&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftw.begin-it.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=5&bdt=180&idt=644&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=274831934367&frm=20&pv=2&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=870
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 71149
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 19:13:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6436 90 KB
30 KB 947ms
945ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b77fc4ea8f773b8eea295049845d84391cc21a4a703a39b8690d582909e5504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:30 GMT
server: cafe
content-length: 30709
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 19:13:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:30 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 53C3 436 B
380 B 267ms
266ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3795518542&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=2&bdt=180&idt=755&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=32896&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ub9lKaTOQ5&p=https%3A//tw.begin-it.com&dtd=889

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c30ef56f3ba4fb610db5939f51d3d638472495460142dbd7de3bb270073c518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3795518542&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=2&bdt=180&idt=755&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=32896&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ub9lKaTOQ5&p=https%3A//tw.begin-it.com&dtd=889
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 19:13:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EA3 89 KB
30 KB 599ms
598ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a779dd769f71442851c41fcb86f3159610e23e5c338f064175ffbf2ad5cb9cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 30638
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 19:13:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 70FA 436 B
415 B 160ms
160ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=1680940124&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=806&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=32896&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ROaJaOcnF6&p=https%3A//tw.begin-it.com&dtd=905

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4677908c0edcc36e3a4d9720d277f94fcd796763a2b7230f546f2afb09f9770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=1680940124&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=806&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=32896&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ROaJaOcnF6&p=https%3A//tw.begin-it.com&dtd=905
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 19:13:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 127C 93 KB
29 KB 401ms
401ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=797817564&adf=2901889522&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708224&bpp=1&bdt=183&idt=1052&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=JNe6LkHUIq&p=https%3A//tw.begin-it.com&dtd=1057

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85fd8b81e2a5d2f2207e628777ded81d7f84e198440458cd5d1488f247684c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=797817564&adf=2901889522&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708224&bpp=1&bdt=183&idt=1052&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=JNe6LkHUIq&p=https%3A//tw.begin-it.com&dtd=1057
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 29124
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-Oct-2021 19:13:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

POST
H2 204 AGSKWxW821zzXpd9WarzLcYTz0lQAI8eLvhiZim36ETY84PGoOJM4ezo9PzGNkUNOnZJ6n2LKYKP0I93IqKcNHgtDK96xo6dlVA7bCCvaeJfcx1Fuhb0csH5jzRdxgXzpTy40WlfBeCqbGVm_-HXwRqsQ7fN2VSENyUw2ysZWG-2I0sdkqnwb-OGDa21oOQ= Show response
fundingchoicesmessages.google.com/el/ 0
375 B 22ms
22ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW821zzXpd9WarzLcYTz0lQAI8eLvhiZim36ETY84PGoOJM4ezo9PzGNkUNOnZJ6n2LKYKP0I93IqKcNHgtDK96xo6dlVA7bCCvaeJfcx1Fuhb0csH5jzRdxgXzpTy40WlfBeCqbGVm_-HXwRqsQ7fN2VSENyUw2ysZWG-2I0sdkqnwb-OGDa21oOQ=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.2P0gsmtI_JI.es5.O/d=1/rs=AJlcJMyPfNK5Ie-VlftT4Jge7dNWcmmyLw/m=iabccpawebsignalscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GTLlxr+j5t1EuxASdvzM6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-GTLlxr+j5t1EuxASdvzM6Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GTLlxr+j5t1EuxASdvzM6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-GTLlxr+j5t1EuxASdvzM6Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxW821zzXpd9WarzLcYTz0lQAI8eLvhiZim36ETY84PGoOJM4ezo9PzGNkUNOnZJ6n2LKYKP0I93IqKcNHgtDK96xo6dlVA7bCCvaeJfcx1Fuhb0csH5jzRdxgXzpTy40WlfBeCqbGVm_-HXwRqsQ7fN2VSENyUw2ysZWG-2I0sdkqnwb-OGDa21oOQ= Show response
fundingchoicesmessages.google.com/el/ 0
362 B 30ms
30ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vZkZizxMp41ov1RG8usxLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-vZkZizxMp41ov1RG8usxLg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vZkZizxMp41ov1RG8usxLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-vZkZizxMp41ov1RG8usxLg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX1gxm_ffbKr4QM1GoCETc0L4izVglw2h9Jw2kkcyfrcTyuay3I-HAVWboFjBQPZGbeeY3rAd63ON_viW-Wne02S8uMqRFrCFUqqczlHzwHMcCoOlTP-pEQT48DSpCVvW_zgJTV-SP4LEWug4XOup3NGJi0GdwHr2MynMoyaA_DpQ43Op6ZYrjDR7Y= Show response
fundingchoicesmessages.google.com/f/ 61 KB
23 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX1gxm_ffbKr4QM1GoCETc0L4izVglw2h9Jw2kkcyfrcTyuay3I-HAVWboFjBQPZGbeeY3rAd63ON_viW-Wne02S8uMqRFrCFUqqczlHzwHMcCoOlTP-pEQT48DSpCVvW_zgJTV-SP4LEWug4XOup3NGJi0GdwHr2MynMoyaA_DpQ43Op6ZYrjDR7Y=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzOTc4NzA5LDI5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly90dy5iZWdpbi1pdC5jb20vIl0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9acd06072421ad57b3cf14c480d23b02a994ef39088ebb05b004b7f6ca24b885

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uTNdl/+4ouC1eKXeZ4hlpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uTNdl/+4ouC1eKXeZ4hlpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-uTNdl/+4ouC1eKXeZ4hlpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uTNdl/+4ouC1eKXeZ4hlpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/68313514/
Redirect Chain

https://mc.yandex.com/watch/68313514?wmode=7&page-url=https%3A%2F%2Ftw.begin-it.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A156%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.com/watch/68313514/1?wmode=7&page-url=https%3A%2F%2Ftw.begin-it.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A156%3Afu%3A0%3Aen%3Autf-8%3Al...

331 B
413 B

35ms
34ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/68313514/1?wmode=7&page-url=https%3A%2F%2Ftw.begin-it.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A156%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A490068285940%3Ahid%3A21927261%3Az%3A0%3Ai%3A202101011185828%3Aet%3A1633978709%3Ac%3A1%3Arn%3A402286219%3Arqn%3A1%3Au%3A16339787091000912197%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633978707936%3Ads%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C743%2C63%2C%2C%2C%2C848%3Adsn%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C737%2C63%2C%2C%2C%2C848%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633978709%3At%3ABegin-it%20%7C%202021

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a427193de03a8d8cac877dd3578f8a38a4f692e29ed1f82482b7cc147d86db54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 11-Oct-2021 18:58:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:29 GMT
last-modified: Mon, 11-Oct-2021 18:58:29 GMT
location: /watch/68313514/1?wmode=7&page-url=https%3A%2F%2Ftw.begin-it.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A156%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A490068285940%3Ahid%3A21927261%3Az%3A0%3Ai%3A202101011185828%3Aet%3A1633978709%3Ac%3A1%3Arn%3A402286219%3Arqn%3A1%3Au%3A16339787091000912197%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633978707936%3Ads%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C743%2C63%2C%2C%2C%2C848%3Adsn%3A9%2C18%2C74%2C9%2C0%2C0%2C%2C737%2C63%2C%2C%2C%2C848%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633978709%3At%3ABegin-it%20%7C%202021
strict-transport-security: max-age=31536000
access-control-allow-origin: https://tw.begin-it.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tw.begin-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tw.begin-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ACD4 436 B
506 B 260ms
259ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=369495476&adf=4123335434&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708226&bpp=1&bdt=185&idt=1074&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=9&uci=a!9&fsb=1&xpc=51MoNSf8OI&p=https%3A//tw.begin-it.com&dtd=1081

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f58363eb61b6ba02b5a0074cad93ece515a4c7613667420fdfc9f196bdbc22dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=369495476&adf=4123335434&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708226&bpp=1&bdt=185&idt=1074&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=9&uci=a!9&fsb=1&xpc=51MoNSf8OI&p=https%3A//tw.begin-it.com&dtd=1081
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: IDE=AHWqTUmrz8lFHXrjb2fp07TfzTP0jPcS4UWu6-ah04PLGcWjC-WaLMfxdRsZPSImS1s; expires=Sat, 05-Nov-2022 18:58:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C279 139 KB
45 KB 687ms
687ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

670d5743925c180734a260ddb5d07ec67d363496f31696837462162143561f69

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMmsqoSFw_MCFRZo4Aod8IIMtA&gqi=VYlkYezkFMKLlQe58bzYAw&layout=/sadbundle/%24csp%253Der3%24/13564030103765275258/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMmsqoSFw_MCFRZo4Aod8IIMtA&gqi=VYlkYezkFMKLlQe58bzYAw&layout=/sadbundle/%24csp%253Der3%24/13564030103765275258/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:30 GMT
server: cafe
content-length: 45149
x-xss-protection: 0
set-cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; expires=Sat, 05-Nov-2022 18:58:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:30 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BCBC 436 B
508 B 260ms
259ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=154809259&adf=2551053022&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708228&bpp=1&bdt=187&idt=1115&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=11&uci=a!b&fsb=1&xpc=bri2EcAEok&p=https%3A//tw.begin-it.com&dtd=1120

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

185964e416543b2ca0b08f63970d725552ee81abaf7f93527410d7c212e51505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=154809259&adf=2551053022&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708228&bpp=1&bdt=187&idt=1115&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=11&uci=a!b&fsb=1&xpc=bri2EcAEok&p=https%3A//tw.begin-it.com&dtd=1120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: IDE=AHWqTUlcNzUvoxuaaGC0xK1SI82TeI4JPKUAiwNW-EZuhDN0Xz5nQ_y9VPyCVsYQriI; expires=Sat, 05-Nov-2022 18:58:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 180 B
387 B 56ms
28ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69742226beea05005d0c64a7484109f839ec4a307bf12432d139337f068456b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 69ca51f5acf2d6c1-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 22ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tw.begin-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
19ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tw.begin-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0D8 436 B
506 B 434ms
432ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=2417121200&adf=2317390253&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708230&bpp=1&bdt=189&idt=1163&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=13&uci=a!d&fsb=1&xpc=bz9Ryw493F&p=https%3A//tw.begin-it.com&dtd=1178

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

370a6ae78a656a0f0c886f657171211b56c5e2bba662e0f3989912a9121f4461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=2417121200&adf=2317390253&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708230&bpp=1&bdt=189&idt=1163&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoenvEr%7C&abl=NS&pfx=0&fu=33920&bc=31&ifi=13&uci=a!d&fsb=1&xpc=bz9Ryw493F&p=https%3A//tw.begin-it.com&dtd=1178
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 Oct 2021 18:58:29 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: IDE=AHWqTUnHO8mZfm35lgnASalKryOy8w3ocAHFMFT33JlwrUSxhBZ4ThZcKiaDd3XAaDc; expires=Sat, 05-Nov-2022 18:58:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:29 GMT
cache-control: private

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 7ms
7ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 13 Sep 2021 06:21:51 GMT
x-timer: S1633978709.466078,VS0,VE0
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-fra19124-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Mon, 11 Oct 2021 18:58:29 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 2

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 8 KB
3 KB 29ms
8ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 06:06:24 GMT
server: nginx/1.18.0
etag: W/"61233ae0-1e8b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 11 Oct 2021 19:58:29 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 340ms
340ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Mon, 13 Sep 2021 06:21:51 GMT
x-timer: S1633978710.642352,VS0,VE333
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-fra19124-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Mon, 11 Oct 2021 18:58:29 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 0

GET
H2 200 7294549954748997459
tpc.googlesyndication.com/daca_images/simgad/ Frame 127C 100 KB
100 KB 36ms
12ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7294549954748997459

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=797817564&adf=2901889522&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708224&bpp=1&bdt=183&idt=1052&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=JNe6LkHUIq&p=https%3A//tw.begin-it.com&dtd=1057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

893e6f3a2ca8364685dfb66975c8a1c969a4d941dd3e545d07512a44a778eca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 17:18:49 GMT
x-content-type-options: nosniff
age: 524380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102184
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 07:12:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Oct 2022 17:18:49 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/ Frame 127C 18 KB
8 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19d72f9c6e5bb747a38571cf87013b5fdc205a277e307aaded38c30339bcfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7688
x-xss-protection: 0
server: cafe
etag: 9086524265215974373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:53:57 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 127C 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0wrKVYlkYfW0Ev2Cx_AP9ruayAz7_qnVZd7UitzODqCHgOyQAhABINHUwG1glbqsgrQHoAHI_qunAsgBAqkCvaUaIHhBgT6oAwHIA8kEqgTlAU_QNrrVkba6YzI_V2VfKNYLEK-vvcjvOrQP1dio7_njkxeOKz-qfdiGEi5QIHWSajO7NlJQsXlXxykGWgAl5NN_j-IsuKbLwzM3bBtb9Mc7o48DrRcY-uOk7osvkxwDN1Y9oshg67JDcHVczT1dqqlnEVYX8eaPz6--urFVrBqOGD0u1lhZ1-V-mDahHtkg1bZPDQvUYab9-5DyVEu6XI6_kQ-zoJMqdBA7Y1tTRBl-BUjjsPWbq5G_uSIVRI_rUQ-nrMhlarR-cbS9iRxlC4o9PLSaWkCssK1-oFgvv8cviilSt2bABJ2_tsvbA5IFBAgEGAGSBQQIBRgEoAYCgAehm9bbAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ__sF0ggJCIDhgBAQARhfgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTM0MDg4Njc5ODAwNDQ0OTAYAA&sigh=qhhtjrucpdM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=797817564&adf=2901889522&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708224&bpp=1&bdt=183&idt=1052&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=JNe6LkHUIq&p=https%3A//tw.begin-it.com&dtd=1057
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Oct 2021 18:58:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 127C 3 KB
1 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:56:29 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 127C 67 B
187 B 41ms
25ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 17:58:30 GMT
x-content-type-options: nosniff
server: cafe
age: 3599
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 12 Oct 2021 17:58:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 127C 123 KB
38 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 18:58:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 127C 14 KB
6 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:52:50 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 127C 27 KB
11 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0
server: cafe
etag: 5630310602010257655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:36:22 GMT

GET
H2 200 f14dc7a62bcf992c762f7db4d8023af3.js Show response
www.gstatic.com/mysidia/ Frame 0EA3 7 KB
3 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3144
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 08 Jan 2022 07:19:45 GMT

GET
H2 200 51960db45470192acc393a412d64dac5.js Show response
www.gstatic.com/mysidia/ Frame 0EA3 8 KB
4 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/51960db45470192acc393a412d64dac5.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3401
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Tue, 04 Jan 2022 09:28:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0EA3 2 KB
610 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f43f6b7ddbd421caa2f283b114e810e158b5ed13d7fd35884b299303f3b464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 17:40:58 GMT
server: ESF
date: Mon, 11 Oct 2021 18:58:29 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 18:58:29 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0FD 143 B
226 B 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=797817564&adf=2901889522&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708224&bpp=1&bdt=183&idt=1052&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=JNe6LkHUIq&p=https%3A//tw.begin-it.com&dtd=1057
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlcNzUvoxuaaGC0xK1SI82TeI4JPKUAiwNW-EZuhDN0Xz5nQ_y9VPyCVsYQriI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=797817564&adf=2901889522&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708224&bpp=1&bdt=183&idt=1052&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=JNe6LkHUIq&p=https%3A//tw.begin-it.com&dtd=1057

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 11 Oct 2021 18:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 0EA3 2 KB
990 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:46:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/ Frame 0EA3 18 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19d72f9c6e5bb747a38571cf87013b5fdc205a277e307aaded38c30339bcfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7688
x-xss-protection: 0
server: cafe
etag: 9086524265215974373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:53:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 0EA3 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:56:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EA3 123 KB
37 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 18:58:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 0EA3 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:52:50 GMT

GET
H2 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame 0EA3 26 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 08 Jan 2022 07:19:45 GMT

GET
DATA 200
OK truncated
/ Frame 127C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b8607a234c5e788b8d7b96c05e82b62174dff0fb18061122ddc51e50b997d30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0EA3 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHXF6VYlkYdqsCJGG-gbYyZ7wBZuNttBlgM3V_u4NmZmmzbYQEAEg0dTAbWCVuqyCtAegAaTZsdcByAEBqAMByAPLBKoE5AFP0MlbeZr7oErXa0Q0vk_K5y3Uy1qYgMcI73alOb80TK_3Tl_W2cgfkjH_NsBWTE9A6k57QQBYXSSk1WPpi5RAQwnS_4l7S0Rodg8XioIIOCKkyZxaeqeq47iF1xGTuwM1koilWwOptX8YpaK7FTaGaNzJch1DEQaaM30WJ9VutGixSafzbLhvfZd1VcLP_Q2Ok8KLMhVdVVNJtcddaz3EivaXNBPOW_vJN_QkZUBjk-Om3k7Ylk9urZBGLWMgCqRo9Tm4kRywAvs_xf0uVERwCh7HRzGfEXx122yoLjgiJRaI4D_ABPHQ7-LeA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfE553KAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ6K4G0ggJCIDhgBAQARhfgAoByAsB2BMMiBQE0BUBgBcBshccChoIABIUcHViLTM0MDg4Njc5ODAwNDQ0OTAYAA&sigh=9QtvB-IYJR8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Oct 2021 18:58:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3E8 143 B
202 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 11 Oct 2021 18:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0EA3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e84cb02176c22e0092d30b0ea289d2d516cea65a4ea2a8b9526e091f5080186

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Merriweather:400,700,900%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tw.begin-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:06:11 GMT
x-content-type-options: nosniff
age: 42739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19696
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 07:06:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 40ms
17ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

88fa36767610eb2448b273a934e819de35858e4ce0f7afd6d5e728ed4ac6508a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1013 / 460 of 1000 / last-modified: 1633972329"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27073
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8033c09d792b20f84dccc1a1a15442468e2f56d41841a409e6f57a3456b2a885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1013 / 200 of 1000 / last-modified: 1633972329"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27076
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
143 B 34ms
33ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.14112609173213464

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:30 GMT
last-modified: Mon, 11-Oct-2021 18:58:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:30 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tw.begin-it.com%22:{%22https://tw.begin-it.com/%22:%22%22}}}&r=0.744301746025738
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.744301746025738

0
0

32ms
32ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.744301746025738
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:30 GMT
last-modified: Mon, 11-Oct-2021 18:58:30 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.744301746025738
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:30 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
83 B 34ms
34ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.6011167063922396

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:30 GMT
last-modified: Mon, 11-Oct-2021 18:58:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:30 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tw.begin-it.com%22:{%22https://tw.begin-it.com/%22:%22%22}}}&r=0.07376573944414777
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.07376573944414777

0
0

33ms
32ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.07376573944414777
Requested by: Host: tw.begin-it.com
URL: https://tw.begin-it.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:30 GMT
last-modified: Mon, 11-Oct-2021 18:58:30 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tw.begin-it.com%22%3A%7B%22https%3A%2F%2Ftw.begin-it.com%2F%22%3A%22%22%7D%7D%7D&r=0.07376573944414777
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:30 GMT

GET
H2 200 e8e197e378ee874e03267c2064571e79.js Show response
www.gstatic.com/mysidia/ Frame 6436 7 KB
3 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e8e197e378ee874e03267c2064571e79.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce8fde1e19d45e140ba1f2e2756d7e564eb85c8888cc49547ee6a7cf87bc081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 07:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3152
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 05 Jan 2022 07:44:32 GMT

GET
H2 200 6cfce8a19e8436dfedf3d88a9491c013.js Show response
www.gstatic.com/mysidia/ Frame 6436 8 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6cfce8a19e8436dfedf3d88a9491c013.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ecb912e3d60eed3050ca2825ff8dc7796d86154539d1c0c8a5d819430c5b9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 07:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3411
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 05 Jan 2022 07:44:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6436 2 KB
610 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f43f6b7ddbd421caa2f283b114e810e158b5ed13d7fd35884b299303f3b464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 18:27:16 GMT
server: ESF
date: Mon, 11 Oct 2021 18:58:30 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 143 KB
51 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3836fdd3b06c0d0b2e6264f08ee21cfac81f1b3d0134576810205ec9c96c09f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52530
x-xss-protection: 0
server: cafe
etag: 12373488827997739603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame C279 67 B
129 B 6ms
6ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 17:58:30 GMT
x-content-type-options: nosniff
server: cafe
age: 3600
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 12 Oct 2021 17:58:30 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 6436 2 KB
946 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:46:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/ Frame 6436 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19d72f9c6e5bb747a38571cf87013b5fdc205a277e307aaded38c30339bcfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7688
x-xss-protection: 0
server: cafe
etag: 9086524265215974373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:53:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 6436 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:56:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6436 123 KB
37 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 6436 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:52:50 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 6436 27 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 06:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 05 Jan 2022 06:23:20 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0FD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

40ms
39ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 11-Oct-2021 19:58:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:30 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 loadad.aspx Show response
fundingchoicesmessages.google.com/f/AGSKWxWCKKfMHLSuu8WSyu1qNtuDXwdkDX7IbyIGNMciVS7zsoUDC_48Wfo-hcHGgWHcomHR-BON3C1H2hZy8fehOyRYjWMqPJtKLlA8Pe8ogCOL-u4vZz6Nsd8CDqctzSvjJQSURTIyPGJR2nzWH6QgOKU7GOevI... 54 B
467 B 20ms
19ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWCKKfMHLSuu8WSyu1qNtuDXwdkDX7IbyIGNMciVS7zsoUDC_48Wfo-hcHGgWHcomHR-BON3C1H2hZy8fehOyRYjWMqPJtKLlA8Pe8ogCOL-u4vZz6Nsd8CDqctzSvjJQSURTIyPGJR2nzWH6QgOKU7GOevIad9nV0t4LywnozNTJ3mB-N7lg3-3dWnghcPlbT4p-oqWyYTBiMUufH6SDUrXU5r8dRgk6p6kOHwBKIUYQ==/_/loadad.aspx?-ad_injector//opxads./adsegmentation./adengage4.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee2e459f2771ba80fd95e91ba0d54e8981dc2863b76aa1db32cbeba90307d174

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CG+xg8tpD2sCUJ8+WaBULQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CG+xg8tpD2sCUJ8+WaBULQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-CG+xg8tpD2sCUJ8+WaBULQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CG+xg8tpD2sCUJ8+WaBULQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 57 KB
22 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d384d8c62251ddbbc45c8d6e19abbb5afbcad5925f9f6f5587f8bd0bac8627b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21966
x-xss-protection: 0
server: cafe
etag: 691278375023635005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 19:17:20 GMT

POST
H2 204 AGSKWxV1RDcC4XY9IcBJhOe3e685gbg7_rG8A07-NRYrOBIASmFAzUFh4UfWs5n4eNhs1jlnoVtrNNVFytKuSqZ6C4Cu5sQZ_0xJrGwY0AZcjjjep7HaEu3UdDAGRA21PSC9oko8VONUQg8dBHzOJs3a9vq7Kw4Y8v0Z8STZIJOmAJrIjhv0CWU1JN7HDi4= Show response
fundingchoicesmessages.google.com/el/ 0
365 B 27ms
26ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV1RDcC4XY9IcBJhOe3e685gbg7_rG8A07-NRYrOBIASmFAzUFh4UfWs5n4eNhs1jlnoVtrNNVFytKuSqZ6C4Cu5sQZ_0xJrGwY0AZcjjjep7HaEu3UdDAGRA21PSC9oko8VONUQg8dBHzOJs3a9vq7Kw4Y8v0Z8STZIJOmAJrIjhv0CWU1JN7HDi4=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qJUmE+kInuW3qQp7KjSNqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qJUmE+kInuW3qQp7KjSNqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qJUmE+kInuW3qQp7KjSNqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qJUmE+kInuW3qQp7KjSNqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame DBCF 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 10 Oct 2022 07:11:54 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/ Frame 4903 98 KB
20 KB 8ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4143fe1abf03b9b17a1a3440c1811b987c8f09aa3a60d8eb0ec6f4a01a1a56

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/13564030103765275258/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Wed, 06 Oct 2021 22:06:24 GMT
expires: Thu, 06 Oct 2022 22:06:24 GMT
last-modified: Fri, 07 May 2021 10:43:31 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 19149
age: 420726
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame E154 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CakB5VYlkYYmuFZbQgQfwhbKgC72kuo1ew_3ghIUOzpiXza4ZEAEg0dTAbWCVuqyCtAegAf_4wZgDyAEJqQIRQQ5DvWqzPqgDAcgDSKoE5gFP0IoyIbzzFbpFrYNEzu-DviQmuhp5SE8xxnp8U_aUdiUGcgsUeKHEdp9v5Y_Xuny2suZW9tSgNRmbKiXHAxWo-GB42Fs2k_93kVCB_7iyOD-KYKrObEZDrz8a14P-apkKMJ1Wl6sRc-XyRDPTxOCJQjwT5vMue4RBd8SwP3ISWvG2iuPbfV2ZWBkWD3Cczy-PLrPX9YQYcSFrijv4u6G30qHOAiP-tpb5liKgzbZ1O6sqDsGOnd1tK1QC-2EhCaUnomo97_zQYr98DmPcEOwx4IhGFTSH2GqoaBaho_sP4hsJSrWFycAE3ZTyv5YBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-mGvmeoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEM-jEdIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDA4ODY3OTgwMDQ0NDkwGAA&sigh=SWCZwrXpvLg&template_id=419

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Oct 2021 18:58:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/ Frame E154 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19d72f9c6e5bb747a38571cf87013b5fdc205a277e307aaded38c30339bcfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7688
x-xss-protection: 0
server: cafe
etag: 9086524265215974373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:53:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame E154 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:56:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E154 123 KB
37 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame E154 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Oct 2021 18:52:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E154 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmECJtDAf2NyNQfR3TOMEpVInuz9NLKyDxtkv2dyNpCTSX0N5AhmiJuPujLsqGIfhpjcIh9wo7OkSKoeEC4rmPDfPVvA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pubads_impl_2021100601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
123 KB 19ms
18ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

62829675b31c3c336b79e09872f249e6d6262c6faa9371985f821223dbaf2d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125954
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 08:42:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 34 B
74 B 32ms
16ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tw.begin-it.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

966b929fa45de5a25b9c4439d8d9db834ceddbdfa702148c78d2bc3bc98891bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50
x-xss-protection: 0
expires: Mon, 11 Oct 2021 18:58:30 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0EA3 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 2224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6436 0
0 84ms
81ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzPVtVYlkYbjQB82yx_APmN2H2AebjbbQZYDN1f7uDZmZps22EBABINHUwG1glbqsgrQHoAGk2bHXAcgBAagDAcgDywSqBOQBT9Ci6Uqx6VaqVwwg0RiFbV-o3LT0kNS2VsheLJGWT_vA29gIVg3NdJiyEDDAEy8omJoDHegUqUHC14tMnZ6sioiwU_Ymi_qkRhp5YpKXoqUn5qfxU2nynKaUh5l69XY6320oe5Hh7mFDgZ0qaDkLurWlAXll7fZQdPUmDWzinQhfJvBDEf3a9WSfiKj50Y7NEr3Y0LT61xuXFXyaTvCZwXge12mV-wgQvdwWpfXxxjOMNr_LJisFAdngYBH7TY6OB-tqxjzpls4QA03rENDtuuQeAS0cEv8RPPXvcJGL-Fxf-o40wATx0O_i3gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHxOedygKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEN6jRtIICQiA4YAQEAEYX4AKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi0zNDA4ODY3OTgwMDQ0NDkwGAA&sigh=iVWB8QI9CjQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 11 Oct 2021 18:58:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 AGSKWxV1RDcC4XY9IcBJhOe3e685gbg7_rG8A07-NRYrOBIASmFAzUFh4UfWs5n4eNhs1jlnoVtrNNVFytKuSqZ6C4Cu5sQZ_0xJrGwY0AZcjjjep7HaEu3UdDAGRA21PSC9oko8VONUQg8dBHzOJs3a9vq7Kw4Y8v0Z8STZIJOmAJrIjhv0CWU1JN7HDi4= Show response
fundingchoicesmessages.google.com/el/ 0
362 B 26ms
25ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1CCRPf1JKwhvT1ehXrJKaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1CCRPf1JKwhvT1ehXrJKaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1CCRPf1JKwhvT1ehXrJKaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1CCRPf1JKwhvT1ehXrJKaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxV1RDcC4XY9IcBJhOe3e685gbg7_rG8A07-NRYrOBIASmFAzUFh4UfWs5n4eNhs1jlnoVtrNNVFytKuSqZ6C4Cu5sQZ_0xJrGwY0AZcjjjep7HaEu3UdDAGRA21PSC9oko8VONUQg8dBHzOJs3a9vq7Kw4Y8v0Z8STZIJOmAJrIjhv0CWU1JN7HDi4= Show response
fundingchoicesmessages.google.com/el/ 0
362 B 26ms
26ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pz8GlMS5KTZicGbtwriB5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-pz8GlMS5KTZicGbtwriB5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pz8GlMS5KTZicGbtwriB5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-pz8GlMS5KTZicGbtwriB5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUiM3ANwBa0E7okd11AMd1ShmUTLUhTn-QypMxn3_QYGoZetFxmm210wOthmLoo0MYb4drJyJZpGNSnO27WTsC7LElpoPrwOrwnvwLH5gJP8gkcX5FpD3AUMV-oXw__clqqFoJtUFeR-3XP4E0zFy6aN9NHlrZ-oIvGqHB0_cPHYH3cIP7UMgDjyxo= Show response
fundingchoicesmessages.google.com/f/ 44 KB
16 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUiM3ANwBa0E7okd11AMd1ShmUTLUhTn-QypMxn3_QYGoZetFxmm210wOthmLoo0MYb4drJyJZpGNSnO27WTsC7LElpoPrwOrwnvwLH5gJP8gkcX5FpD3AUMV-oXw__clqqFoJtUFeR-3XP4E0zFy6aN9NHlrZ-oIvGqHB0_cPHYH3cIP7UMgDjyxo=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzOTc4NzEwLDU3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsMTAsNl1dLCJodHRwczovL3R3LmJlZ2luLWl0LmNvbS8iXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35f8c0fab7e9474500ac8fb3c9c9601dc3d86aef422b5c84d6e402c824e276f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-C53TKBCM99ljpCv817AOww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-C53TKBCM99ljpCv817AOww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-C53TKBCM99ljpCv817AOww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-C53TKBCM99ljpCv817AOww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxV1RDcC4XY9IcBJhOe3e685gbg7_rG8A07-NRYrOBIASmFAzUFh4UfWs5n4eNhs1jlnoVtrNNVFytKuSqZ6C4Cu5sQZ_0xJrGwY0AZcjjjep7HaEu3UdDAGRA21PSC9oko8VONUQg8dBHzOJs3a9vq7Kw4Y8v0Z8STZIJOmAJrIjhv0CWU1JN7HDi4= Show response
fundingchoicesmessages.google.com/el/ 0
362 B 23ms
23ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BLin1drMS1xvY5iQctUhqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-BLin1drMS1xvY5iQctUhqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BLin1drMS1xvY5iQctUhqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-BLin1drMS1xvY5iQctUhqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0753 143 B
198 B 8ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 11 Oct 2021 18:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76A8 143 B
198 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 11 Oct 2021 18:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6436 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 131f62b26e0f2fd99e646d0100b3e7d044a9dab67b9d2a2919a7a770d218d8d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3E8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

40ms
40ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 11-Oct-2021 19:58:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:30 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET fontawesome-webfont.woff
www.begin-it.com/template/begin-it/fonts/ 0
0

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BF0 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8135986958&adk=3452492455&adf=3932831407&pi=t.ma~as.8135986958&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=1&bdt=180&idt=759&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=110&ady=4553&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=X3DGE1DXbE&p=https%3A//tw.begin-it.com&dtd=897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 10 Oct 2022 07:11:54 GMT

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame E154 0
463 B 61ms
40ms Other
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMmsqoSFw_MCFRZo4Aod8IIMtA&gqi=VYlkYezkFMKLlQe58bzYAw&layout=/sadbundle/%24csp%253Der3%24/13564030103765275258/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E154 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37c39807d8d0ea2e6d95f8365c31df721d7fc50ff09f7bf4c30cfdd2541e4a13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 6436 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 2224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4903 16 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Oct 2021 18:00:57 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4903 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Oct 2021 13:46:49 GMT

POST
H2 204 AGSKWxUa2n3M09DeJ-cTs9W5DV_DQRn0V8tOqMipLN_ZKokRFpNL5sn4G_JbrRlg5pG6moXuolu2rxJAh9O_1O6tm_UTTujs9butlvWM2G_NKfPXZq-FMq2RZYvj4oHFlkAjd4wWXkMGDt0-hNkwAugDpB_P7cgj_uwyDe6WuO40d31JQ38AbZMEyibSTds= Show response
fundingchoicesmessages.google.com/el/ 0
363 B 26ms
26ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUa2n3M09DeJ-cTs9W5DV_DQRn0V8tOqMipLN_ZKokRFpNL5sn4G_JbrRlg5pG6moXuolu2rxJAh9O_1O6tm_UTTujs9butlvWM2G_NKfPXZq-FMq2RZYvj4oHFlkAjd4wWXkMGDt0-hNkwAugDpB_P7cgj_uwyDe6WuO40d31JQ38AbZMEyibSTds=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.ELpJV9CKSZ0.es5.O/d=1/rs=AJlcJMzNFD4s4UzGmJC6Waq6ulkbf2IwpA/m=cookie_refresh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IdlQychXwXYstiVnhkmMQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-IdlQychXwXYstiVnhkmMQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IdlQychXwXYstiVnhkmMQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-IdlQychXwXYstiVnhkmMQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUa2n3M09DeJ-cTs9W5DV_DQRn0V8tOqMipLN_ZKokRFpNL5sn4G_JbrRlg5pG6moXuolu2rxJAh9O_1O6tm_UTTujs9butlvWM2G_NKfPXZq-FMq2RZYvj4oHFlkAjd4wWXkMGDt0-hNkwAugDpB_P7cgj_uwyDe6WuO40d31JQ38AbZMEyibSTds= Show response
fundingchoicesmessages.google.com/el/ 0
361 B 30ms
30ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S5bxwulWoqYl5LssMbe1tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-S5bxwulWoqYl5LssMbe1tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Oct 2021 18:58:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tw.begin-it.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S5bxwulWoqYl5LssMbe1tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-S5bxwulWoqYl5LssMbe1tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0753
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

40ms
40ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:31 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 11-Oct-2021 19:58:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:31 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame 650D 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=7752843579&adk=3726587498&adf=3199106220&pi=t.ma~as.7752843579&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708221&bpp=8&bdt=180&idt=714&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JpUcrRREZz&p=https%3A//tw.begin-it.com&dtd=881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 10 Oct 2022 07:11:54 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76A8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

40ms
39ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:31 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 11-Oct-2021 19:58:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 Oct 2021 18:58:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 11 Oct 2021 18:58:31 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4903 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 10 Oct 2022 07:11:54 GMT

GET
H2 200 Logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/ Frame 4903 676 B
457 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/Logo.svg

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a60638fa20adbb2452e24ff1732edc49330b041560860da0f5be6c2e68128

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346
x-xss-protection: 0
last-modified: Fri, 07 May 2021 10:43:31 GMT
server: sffe
date: Fri, 08 Oct 2021 22:09:28 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Oct 2022 22:09:28 GMT

GET
H2 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/ Frame 4903 3 KB
1 KB 10ms
8ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/cta.svg

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff1acc51347f666b3f64d38ca641f732fbdec612463971250a70cd1b8daa08e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
last-modified: Fri, 07 May 2021 10:43:31 GMT
server: sffe
date: Fri, 08 Oct 2021 22:09:28 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Oct 2022 22:09:28 GMT

GET
H2 200 b1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/ Frame 4903 17 KB
5 KB 11ms
9ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/b1.svg

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6398a09c07f32eb0e257ccb50e4e95b51af9d78f54c3890695aea3e654ab06d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 68866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4691
x-xss-protection: 0
last-modified: Fri, 07 May 2021 10:43:31 GMT
server: sffe
date: Sun, 10 Oct 2021 23:50:45 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 23:50:45 GMT

GET
H2 200 a1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/ Frame 4903 9 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/a1.svg

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bfd48e71f74e8c042fab21bdef08e7d7f9fd2de9cff886b5007c42b8fcb4d7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 68866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1884
x-xss-protection: 0
last-modified: Fri, 07 May 2021 10:43:31 GMT
server: sffe
date: Sun, 10 Oct 2021 23:50:45 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 23:50:45 GMT

GET
H2 200 Wildunfall.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/ Frame 4903 128 KB
43 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/Wildunfall.svg

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6e1e03b78c3418a00a39561053e3a6f33e32d1c532e34e3df556609f54eb6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 507335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44363
x-xss-protection: 0
last-modified: Fri, 07 May 2021 10:43:31 GMT
server: sffe
date: Tue, 05 Oct 2021 22:02:56 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Oct 2022 22:02:56 GMT

GET
H2 200 Illustration_background_970x250.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/ Frame 4903 12 KB
4 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13564030103765275258/Illustration_background_970x250.svg

Requested by

Host: tw.begin-it.com
URL: https://tw.begin-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4469b8e73e4aeab9551996995bcca8ce925be3f45a590d72b5b84cb70b1acc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 551911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4211
x-xss-protection: 0
last-modified: Fri, 07 May 2021 10:43:31 GMT
server: sffe
date: Tue, 05 Oct 2021 09:40:00 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Oct 2022 09:40:00 GMT

GET fontawesome-webfont.ttf
www.begin-it.com/template/begin-it/fonts/ 0
0

POST
H2 200 68313514 Show response
mc.yandex.com/webvisor/ 43 B
145 B 32ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/68313514?wmode=0&wv-part=1&wv-hit=21927261&page-url=https%3A%2F%2Ftw.begin-it.com%2F&rn=135071237&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1633978712%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101011185831%3Au%3A16339787091000912197%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633978712

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:31 GMT
last-modified: Mon, 11-Oct-2021 18:58:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://tw.begin-it.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:31 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 337ms
21ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://tw.begin-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 718
access-control-allow-origin: *
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 142900d6a96f23083d1e2793b23b753d
accept-ranges: bytes
cf-ray: 69ca52080fdf6910-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 21ms
21ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211007&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

442c373f329cf22e8a5c0b0204e668397779b993c128d1a1a1532f871c323829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Oct 2021 18:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8641
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6436 42 B
111 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEW0LiqfXv9DDIx35PSWCYw89bEBOBUhXQXB_IjZxaIyT2zxswa6zoPzv5iXiSM_ZeBeS2tuetg_4RhbjhlC6DyZgbvHYVi2tffz2Gb8jUjLzHCbCH1g&sai=AMfl-YSj9xCxGh1vsl1uroURDyekLii9Sg6hOW0r005KqfJlsoNW-7gfbXD5ELU2prdkHs50igbQ0PhFwYGP&sig=Cg0ArKJSzHc7Sa4TG5llEAE&id=lidar2&mcvt=1026&p=0,0,280,1200&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3726587498&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633978709103&rpt=1877&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1539ms
1539ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 11 Oct 2021 18:58:33 GMT

POST
H2 200 68313514 Show response
mc.yandex.com/webvisor/ 43 B
183 B 216ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/68313514?wmode=0&wv-part=1&wv-hit=21927261&page-url=https%3A%2F%2Ftw.begin-it.com%2F&rn=799131386&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1633978713%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101011185833%3Au%3A16339787091000912197%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633978713

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:33 GMT
last-modified: Mon, 11-Oct-2021 18:58:33 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://tw.begin-it.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:33 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
348 B 63ms
28ms Ping
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kun0qi0v&ctx=0&met.9=1.1x7~13.23e~2.270
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BB59 12 KB
5 KB 10ms
10ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 11 Oct 2021 17:05:46 GMT
expires: Tue, 11 Oct 2022 17:05:46 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3A71 783 B
1004 B 19ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96649a72d85b5fa12e846c83283e1474bb818b5f7eb70f33752393e43f944d47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xXVNUe6QbkWjWnwaFE6YWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tw.begin-it.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 11 Oct 2021 18:58:33 GMT
date: Mon, 11 Oct 2021 18:58:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-xXVNUe6QbkWjWnwaFE6YWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3A71 0
0 55ms
55ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211007&jk=2976210159450179&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame BB59 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 07:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 10 Oct 2022 07:11:54 GMT

POST
H2 200 68313514 Show response
mc.yandex.com/webvisor/ 43 B
73 B 35ms
34ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/68313514?wmode=0&wv-part=2&wv-hit=21927261&page-url=https%3A%2F%2Ftw.begin-it.com%2F&rn=393821834&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1633978714%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101011185833%3Au%3A16339787091000912197%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633978714

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tw.begin-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:33 GMT
last-modified: Mon, 11-Oct-2021 18:58:33 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://tw.begin-it.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 11-Oct-2021 18:58:33 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211007&jk=2976210159450179&bg=!REelRwPNAAbGFvHlxhY7ACkAdvg8Wsgc59OTGV5GcM1iY4d8KJM2tV2VkbhKYH9W3DPQqidNCurisAIAAABxUgAAAA9oAQcKAGq3qDu5l9RkNGx87qHmBCQk-vZXr4wZ2KkJhKc-BF8yIaG2iXK1AfkYX1E9c3davT6dkTS5_oA3WA5D9DMSyIeZkVCr1BYifxMEsgFFFB7FT_g3UGDz0xYXOm3IEeJX80fvJ5qYrYb2sODRmQK6ppmh6_up5z9z_lIooMMkr3nEyBNKPdFw49LS51FrahwDLdTm2HwsUMe7kAkJXVbLAA6ciYqs8pFv47HHp-l23N4ebX_02sAXjSAg-z0fq0TARUD17o7ao8vxv3gagjbY9Ptz_19APV28z8OfjtPn28pUjgqcovmo3vyUuGNnfRghRjG4dpkvWt0_D9RIFZK2mpS8lkh-9aJGzx2hJYhYPjK2WbDIYN9E7qOneNp71tgqlqLBk-nvBKQ4w6pHa52YhRI5xGdlGJvHiEJDyUbPIlEo_ABuPnWUxHTM2qJCOAdyGj7_t-ZAUZTTDH42344qjGJwua3vK0G-f9hubyxk42-D3aY_cYH9dvLs2MQma9Lj4yaWdRXLf7ZMxMpFHVevuTQFucl0kVjQMqz2GDgy6-mXxagX8_46obAEBh35sbCPEmlY0EG7cjW1MoXPQ9v6JU4qOSYWv96jmZCQU2oeZjYK5Z4woktVXhqsQIjksvtExkAu_Y3s7yBcunt_bUzYLfWjlEmVvVDCZnrb_LnsSMPfo2_zqzi5UoeXyHR08MtR0es6vdwxu9giknv6m4ba3P5B-JNLWWiKzfT0hx-neSP536woTGV7hgyaKCDvM8dAmSDuID7ZlZAljogwM_ajaGh5wXZKx_xwdfezVGTfjhotz7wldoVBSviLb_l4DycURYTWSUtxU06XzkiMG_hMnLxN-L-IZMnyRcha6oY0ro4T_tOSGT7djcKWYVC0ff3XFcFvsGvO6VyRZUz2bDe8r5lmx6ByvvappI4VX5iDW73VKfJghyuyTNIYumPkK-T0r07e6o1pc5rTuUxm1htWwaR30T8OqPn5ka48FosOKlQZ5qWiYNGnJq9dFSwit_NnnK7TMRYAK7rTZMnv-7DijAWeiWiIUZgmFfUc6tTm37f-DPqRYk-kjuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.begin-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 18:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/how-to-browse-and-connect-to-wireless-networks-from-the-command-line-4.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/how-to-make-high-resolution-windows-7-icons-out-of-any-image-15.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/import-microsoft-access-data-into-excel-5.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/downloads/carry-you-portable-apps-on-a-usb-stick-with-codysafe.jpg

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/the-10-best-free-to-play-online-shooters-10.jpg

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/general/the-great-suspender-chrome-extension-to-prevent-crashes-6.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/windows/windows-10-disk-management-not-working-loading-or-responding.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/remote-desktop-roundup-teamviewer-vs-splashtop-vs.-windows-rdp-5.jpg

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/how-to-change-the-location-of-the-default-screenshot-folder-in-windows-8-and-10-12.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/how-to-check-if-trim-is-enabled-for-your-ssd-and-enable-it-if-it-isnt-5.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/windows/windows-software-repair-tool-will-help-you-fix-windows-10-problems-2.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/school/learning-to-use-the-registry-editor-like-a-pro-1.jpg

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/blog/what-is-alexas-brief-mode-and-how-do-i-turn-it-on-or-off-5.jpg

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/howto/enable-run-command-on-windows-7-or-vista-start-menu-3.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/media-content/howto/install-subversion-with-web-access-on-ubuntu-2.png

Domain: www.begin-it.com
URL: https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: www.begin-it.com
URL: https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: www.begin-it.com
URL: https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gomajor1.com/	1970-01-19 22:36:10	Name: uuid Value: bb1f2206-2091-435c-975f-501fe959dd80
.yadro.ru/	1970-01-20 06:37:15	Name: FTID Value: 1XP8bR2do8OB1XP8bR001E2l
.yadro.ru/	1970-01-20 06:37:15	Name: VID Value: 0Uuc942N2WeB1XP8bS001KVP
.begin-it.com/	1970-01-20 06:38:34	Name: _ym_uid Value: 16339787091000912197
.begin-it.com/	1970-01-20 06:38:34	Name: _ym_d Value: 1633978709
.mc.yandex.com/	1970-01-19 21:52:59	Name: sync_cookie_csrf Value: 980134493fake
.mc.yandex.ru/	1970-01-19 21:52:59	Name: sync_cookie_csrf Value: 96965344fake
.begin-it.com/	1970-01-19 21:54:10	Name: _ym_isad Value: 2
.begin-it.com/	1970-01-20 07:14:34	Name: __gads Value: ID=57ab183931516d0f-22eb493bf2ca00d3:T=1633978709:RT=1633978709:S=ALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg
.yandex.com/	1970-01-20 06:38:34	Name: yandexuid Value: 3548650261633978709
.yandex.com/	1970-01-20 06:38:34	Name: yuidss Value: 3548650261633978709
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2106967781633978709
.yandex.com/	1970-01-23 13:28:58	Name: i Value: eHpcKOSMNPG+bYAQy9x2DMsVeocCQhMTPRW+RwfZ7ngmLz/YLcDNtZuNkZaijs2Tw2TScmCJj1zW7e10weEL/ua5j3c=
.yandex.com/	1970-01-20 06:38:34	Name: ymex Value: 1665514709.yrts.1633978709#1665514709.yrtsi.1633978709
.begin-it.com/	1970-01-19 21:53:00	Name: _ym_visorc Value: w
.begin-it.com/	1970-01-20 06:38:34	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdjNzBiODctNjIwYS02NGM5LTlkYTYtMWQyZjc1ZDMzMjJjIiwiY3JlYXRlZCI6IjIwMjEtMTAtMTFUMTg6NTg6MjkuNjA1WiIsInVwZGF0ZWQiOiIyMDIxLTEwLTExVDE4OjU4OjI5LjYwNVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.doubleclick.net/	1970-01-20 07:14:34	Name: IDE Value: AHWqTUndqfwdiRKbZUtuMyMWHYUsqnh73SdOJZ1F8oDEe7o58cxNK5SBak-Z1fWLC-M
.doubleclick.net/	1970-01-19 21:52:59	Name: test_cookie Value: CheckForPermission
.yandex.ru/	1970-01-20 06:38:34	Name: ymex Value: 1665514710.yrts.1633978710#1665514710.yrtsi.1633978710
.yandex.ru/	1970-01-20 06:38:34	Name: yandexuid Value: 3439417831633978710
.yandex.ru/	1970-01-20 06:38:34	Name: yuidss Value: 3439417831633978710
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 803727861633978710
.yandex.ru/	1970-01-23 13:28:58	Name: i Value: nD+yxQz53BYN7uVesNWaZYVRosluJE5yPI7CaoqzGdDyPRBcSvABMQuLXdAslFF3o4p1hHAn48FbZlPpaZjeTBP0sGs=
.doubleclick.net/	1970-01-19 21:53:02	Name: DSID Value: NO_DATA
.begin-it.com/	1970-01-20 07:14:34	Name: FCCDCF Value: [["AKsRol-hEhv4CNgJrp4BxVVLZEgqMWYcf_ilhU5OVebRVa0lC99q5Ya5tEsPLUWnHmhtYLAdI4Hc6VxC70ymScB5QYLlM5fJUumnR6HJDvPpuRX_xVl9o19SCDyYNM45kqlOJPm33sPUSZ74IubTycolABQTybpiJw=="],null,["[[],[],[],[],null,null,true]",1633978709056],null,null]
.begin-it.com/	1970-01-20 06:38:34	Name: FCNEC Value: [["AKsRol-hEhv4CNgJrp4BxVVLZEgqMWYcf_ilhU5OVebRVa0lC99q5Ya5tEsPLUWnHmhtYLAdI4Hc6VxC70ymScB5QYLlM5fJUumnR6HJDvPpuRX_xVl9o19SCDyYNM45kqlOJPm33sPUSZ74IubTycolABQTybpiJw=="]]

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9423.5G6qnqNNu6M_ZwruKCG8Hc87ijHuafB0j5AMCxRJIpDxcGROjQVaduq5yf_Bz0iupyc4Jn6NQRmxLJN4X2mzRA%2C%2C._hiskVdrPt4GswDMlizA2Timd_8%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.begin-it.com/demo/portal/news/themes/custom/portal_news/images/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://tw.begin-it.com/ Message: Access to font at 'https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://tw.begin-it.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13564030103765275258/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3408867980044490&output=html&h=280&slotname=8874353553&adk=520431391&adf=790733885&pi=t.ma~as.8874353553&w=1200&fwrn=4&fwrnh=100&lmt=1633978709&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftw.begin-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633978708227&bpp=1&bdt=186&idt=1100&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D57ab183931516d0f-22eb493bf2ca00d3%3AT%3D1633978709%3ART%3D1633978709%3AS%3DALNI_MbtWRTdHLDFw_Yh-1Dae_r6lUJzKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=274831934367&frm=20&pv=1&ga_vid=763442536.1633978709&ga_sid=1633978709&ga_hid=1118933700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2271&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2976210159450179&pem=747&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=9s4slmzq5j&p=https%3A//tw.begin-it.com&dtd=1104 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13564030103765275258/index.html".
javascript	error	URL: https://tw.begin-it.com/ Message: Access to font at 'https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://tw.begin-it.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tw.begin-it.com/ Message: Access to font at 'https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://tw.begin-it.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.begin-it.com/template/begin-it/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cdn.zx-adnet.com
code.jquery.com
counter.yadro.ru
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
gomajor1.com
googleads.g.doubleclick.net
js.wpadmngr.com
js.wpushsdk.com
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
na.nawpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tw.begin-it.com
www.begin-it.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.begin-it.com
104.248.83.85
142.250.185.162
151.101.1.195
2001:4de0:ac18::1:a:1b
213.174.135.24
213.174.135.25
2606:4700:10::6814:b844
2606:4700:3035::ac43:a0e5
2606:4700::6810:5714
2606:4700::6812:acf
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a02:6b8::1:119
88.212.201.198
025c223a1670bffe245e43df6b0e1db1e1cda28defe71580b56d69216701e112
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c1d3eaf5661963a0f55ff453fb8c77048d6160d4b37a422c572a761a9e3cd29
119a8560b4df0ebae6f70d4c4c9074712363baf4903b0eafed37a9442d9dfadf
128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0
131f62b26e0f2fd99e646d0100b3e7d044a9dab67b9d2a2919a7a770d218d8d5
17b8201dc6caf3c5e9f9fa049331748030ff9cc883950bc6a7b09d9f42a2c867
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185964e416543b2ca0b08f63970d725552ee81abaf7f93527410d7c212e51505
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1cfb27a8a441008ce554d6439aea7c90a7a92deebfbb5df3f568b5009ed196e0
1def25b3d1956fcfc9115ec1332b77448de715be6a3b75de07ee66b2dc53c889
1e2dbf13d0063a7c753f9cce14ffd6d2105bc9d1493c9270bd9c596e9ed98005
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
1f21aa21425d61e033de09883b7cab5a4d07350ce5a3dee8c3c3584bdeb2cb06
24c01038466dc5332d5fe894a3df255e88d3b809367b7780a837591d094283bd
24f88fdcef8aaeb1fcd5fafa896cd20d3d7384c14cf236f52ab81ff8596a00f8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
285f17377c17b0c60127eb2f5ce1590cc9fa3e1c90ed3e5293eb696cd647102c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b8607a234c5e788b8d7b96c05e82b62174dff0fb18061122ddc51e50b997d30
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e84cb02176c22e0092d30b0ea289d2d516cea65a4ea2a8b9526e091f5080186
32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa
35f8c0fab7e9474500ac8fb3c9c9601dc3d86aef422b5c84d6e402c824e276f1
370a6ae78a656a0f0c886f657171211b56c5e2bba662e0f3989912a9121f4461
37c39807d8d0ea2e6d95f8365c31df721d7fc50ff09f7bf4c30cfdd2541e4a13
3836fdd3b06c0d0b2e6264f08ee21cfac81f1b3d0134576810205ec9c96c09f5
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
3e255c8052f3f1cd10fd10de0c7044de3be4f6bf7bb4c916f961cefc51c8bb6e
3eb1c4868dce3c02d10d8a8622f411f2cb7489ede82b0a62dc6d5b7e273abbbd
442c373f329cf22e8a5c0b0204e668397779b993c128d1a1a1532f871c323829
4567d2ed5505e7369d2033759a6f70ed67f5e65b3e471c13e10fa48b1c8981a3
48bfd48e71f74e8c042fab21bdef08e7d7f9fd2de9cff886b5007c42b8fcb4d7
4b7abef205369831080040965db1ec7e9493129404a80ad39d8e9bad5395635b
4c7a845e8af3477b2aeb4ddfd4f46cc69c66d07b955319f42870416f9ec54dc7
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51aa559742c43f258744a879926dabab22e619486953534fc253f97cb22f0ff9
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
58ff075e58198f332a7b23c7172f3f3a53248b11360012adf858f3ddcffb7d09
5a1f9a46f94ccfcf18d97a1f83b40ed248b60387c03392a65ac21ac5d8946357
5ad9d13be9488e97d6678826bcb5ce49ea0451f16292f5bbcdcacbd4be779b20
5b77fc4ea8f773b8eea295049845d84391cc21a4a703a39b8690d582909e5504
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c6e1e03b78c3418a00a39561053e3a6f33e32d1c532e34e3df556609f54eb6
62829675b31c3c336b79e09872f249e6d6262c6faa9371985f821223dbaf2d6b
6398a09c07f32eb0e257ccb50e4e95b51af9d78f54c3890695aea3e654ab06d2
65c7b804da7d2ba6572971c3f08f1e6e7e97c0c4a103c73f70ec24e6c95bc800
6639f11bcf2906dad050c0fa84caa8902497017bbcebfcfc9273d79827deb5ee
670d5743925c180734a260ddb5d07ec67d363496f31696837462162143561f69
70abc7e86e8bb936a064a3ef5391f9955824b6b1e9b547297d606a415d5ba47c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79e0d048e46a968c6c4b205eb6ba5e222b7388760725676463c2eeda1902a2ff
7c30ef56f3ba4fb610db5939f51d3d638472495460142dbd7de3bb270073c518
7c4143fe1abf03b9b17a1a3440c1811b987c8f09aa3a60d8eb0ec6f4a01a1a56
7ce8fde1e19d45e140ba1f2e2756d7e564eb85c8888cc49547ee6a7cf87bc081
7d4469b8e73e4aeab9551996995bcca8ce925be3f45a590d72b5b84cb70b1acc
8033c09d792b20f84dccc1a1a15442468e2f56d41841a409e6f57a3456b2a885
80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e
812afbef25424e99fe63cfc469974e6bf225190c356cd86f086596920a2fb15f
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
834cdc35d0e1ef02ac8a1da128635b88c80fff60550714e4786b610d265104ba
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35
85fd8b81e2a5d2f2207e628777ded81d7f84e198440458cd5d1488f247684c64
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
86449833531295a48a40183ae611c98dc38cd0dbbd3426f3c8923865b2495c35
88432f37d7f0ad4a184d22b8bdd63354cb2371c917537971ed3af86bb86591f0
88fa36767610eb2448b273a934e819de35858e4ce0f7afd6d5e728ed4ac6508a
893e6f3a2ca8364685dfb66975c8a1c969a4d941dd3e545d07512a44a778eca6
8c49205cc3067cc2740f369a755183759af124870c94685c2dfc1d03e5c9fd53
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8e15ccb44dc89e947b82ba2487d7acdce0cbc548ccd988d262c590a9bbe71b17
8f125ccfff94cc5d69d464699ec7324cbb8961735279c35a96adb87d71f21a6f
8fc847f029d0b8c1f412ba0b0624f8ff4c482fa2f0d3a356b0724247651ba450
9105b388f156d3c6d676cf059d53eecd4c64eda0ea0cb3742d8b2ff370c121ac
922b81325fd63de380c45504adf39b66bae527bcec34a7acfb356f4a8861fe04
96649a72d85b5fa12e846c83283e1474bb818b5f7eb70f33752393e43f944d47
966b929fa45de5a25b9c4439d8d9db834ceddbdfa702148c78d2bc3bc98891bf
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
9acd06072421ad57b3cf14c480d23b02a994ef39088ebb05b004b7f6ca24b885
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9d384d8c62251ddbbc45c8d6e19abbb5afbcad5925f9f6f5587f8bd0bac8627b
9ecb912e3d60eed3050ca2825ff8dc7796d86154539d1c0c8a5d819430c5b9db
a427193de03a8d8cac877dd3578f8a38a4f692e29ed1f82482b7cc147d86db54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a69742226beea05005d0c64a7484109f839ec4a307bf12432d139337f068456b
a779dd769f71442851c41fcb86f3159610e23e5c338f064175ffbf2ad5cb9cea
ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba
ad444bdb5b9f03052e01ee1d2348be6a0d920a7960bfba2d1489a1b8b5f3d55d
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
bf083ec08f9a46d16bc2f13bdd65367a137a1bf71131cd0a35d96c8390314d08
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c674120a3773bd7945e4c16e0c6b7daca07d088b7e32748bbcab3a69bb399e35
c7bbd27ca943bdc46260ba219f8d5d9a6dea1e54d1f4d2c5710cf06c2ba22d4f
c81a60638fa20adbb2452e24ff1732edc49330b041560860da0f5be6c2e68128
cb2aad1006e6b7399427618b291d9d8a991c0ea03458955c32070731cd7841e4
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cff1acc51347f666b3f64d38ca641f732fbdec612463971250a70cd1b8daa08e
d19d72f9c6e5bb747a38571cf87013b5fdc205a277e307aaded38c30339bcfd9
d4c661bbfea21e5f598421e76f9e6d77478cd7207e208864c7d7364da8ae2935
df25a89baab0bfb1e5b93eaf49ca951ab0ff0dc5bdd63357250b5706b99db798
e1503fa2578ee06d2efdf865316b95389916fb20681c95dd52f8f2e1a0e1f540
e2f43f6b7ddbd421caa2f283b114e810e158b5ed13d7fd35884b299303f3b464
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4677908c0edcc36e3a4d9720d277f94fcd796763a2b7230f546f2afb09f9770
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
ea77a2f2f77927fab08070bdeb554795f009b1e46beac21710a855f2efad5b5e
ee2e459f2771ba80fd95e91ba0d54e8981dc2863b76aa1db32cbeba90307d174
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40be7c5eef537ae6e12f877bd2c2010215606f441bcec1053b8551afa344a53
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f58363eb61b6ba02b5a0074cad93ece515a4c7613667420fdfc9f196bdbc22dc
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f6fd10b1c55efe0f9f6c8d2a3028508b8cc2725db9ac99972c25f492134ed354
f77f68a8a3cd10d74490167388a25ec5638b6a95fdb1954f9577618132e32678
fee0a3e9b6af6190b280e6cf5d89b19ec1f48460b42f71a534dde6aeb00256d8
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

tw.begin-it.com Open in urlscan Pro 2606:4700:3035::ac43:a0e5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

219 Requests

92 %HTTPS

74 %IPv6

21 Domains

28 Subdomains

24 IPs

4 Countries

4675 kBTransfer

9792 kBSize

26 Cookies

18 Outgoing links

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tw.begin-it.com Open in urlscan Pro
2606:4700:3035::ac43:a0e5 Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

92 %
HTTPS

74 %
IPv6

21
Domains

28
Subdomains

24
IPs

4
Countries

4675 kB
Transfer

9792 kB
Size

26
Cookies

219 HTTP transactions
6 data transactions