chat.chatgptdemo.net Open in urlscan Pro
2606:4700:3032::ac43:aa6a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chat.chatgptdemo.net/
Effective URL:
https://chat.chatgptdemo.net/
Submission: On October 17 via api (October 17th 2023, 7:27:36 pm UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 22 domains to perform 88 HTTP transactions. The main IP is 2606:4700:3032::ac43:aa6a, located in United States and belongs to CLOUDFLARENET, US. The main domain is chat.chatgptdemo.net. The Cisco Umbrella rank of the primary domain is 292887.
TLS certificate: Issued by GTS CA 1P5 on October 15th 2023. Valid for: 3 months.

This is the only time chat.chatgptdemo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3032::ac43:aa6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:24bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::6815:3d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4663	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 7	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 2	3.121.79.42 3.121.79.42	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:c1c:c446:a0f3:d97c	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
88	22

17 2606:4700:3032::ac43:aa6a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chat.chatgptdemo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:24bb (United States)

ASN13335 (CLOUDFLARENET, US)

meanlytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:3d05 (United States)

ASN13335 (CLOUDFLARENET, US)

openfuture.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4663 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.buymeacoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.profitablecreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.79.42 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-79-42.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:c1c:c446:a0f3:d97c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	345 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	88 KB
17	chatgptdemo.net 1 redirects chat.chatgptdemo.net — Cisco Umbrella Rank: 292887	156 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	94 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	383 B
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	834 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5121	651 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024 r.turn.com — Cisco Umbrella Rank: 4738	869 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	profitablecreativeformat.com www.profitablecreativeformat.com — Cisco Umbrella Rank: 78167
2	openfuture.ai openfuture.ai — Cisco Umbrella Rank: 366009	197 KB
2	meanlytics.com meanlytics.com — Cisco Umbrella Rank: 365913	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	36 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 913	338 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	714 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	248 B
1	buymeacoffee.com cdnjs.buymeacoffee.com — Cisco Umbrella Rank: 57873	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	90 KB
88	22

	Domain	Requested by
17	chat.chatgptdemo.net	1 redirects chat.chatgptdemo.net
13	pagead2.googlesyndication.com	chat.chatgptdemo.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googleadservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	cdnjs.buymeacoffee.com googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.profitablecreativeformat.com	chat.chatgptdemo.net
2	openfuture.ai	chat.chatgptdemo.net
2	meanlytics.com	chat.chatgptdemo.net meanlytics.com
2	cdnjs.cloudflare.com	chat.chatgptdemo.net
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.buymeacoffee.com	chat.chatgptdemo.net
1	www.googletagmanager.com	chat.chatgptdemo.net
88	28

This site contains links to these domains. Also see Links.

Domain
chatgptdemo.net
openfuture.ai
buymeacoffee.com

Subject Issuer	Validity	Valid
chatgptdemo.net GTS CA 1P5	`2023-10-15` - `2024-01-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
meanlytics.com GTS CA 1P5	`2023-08-23` - `2023-11-21`	3 months	crt.sh
openfuture.ai GTS CA 1P5	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdnjs.buymeacoffee.com GTS CA 1P5	`2023-08-31` - `2023-11-29`	3 months	crt.sh
profitablecreativeformat.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://chat.chatgptdemo.net/
Frame ID: 7344A74E1265F4FE99911F1ADFB06A5E
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 1AB2DB0DF2F89D0811068CC15C44B446
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&adk=1812271804&adf=3025194257&lmt=1697563651&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570851643&bpp=2&bdt=368&idt=301&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3889423032680&frm=20&pv=2&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321
Frame ID: 33DF97F9ABF19CAADE6C4E046CE50089
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=200&slotname=5335985259&adk=4004515947&adf=3773223381&pi=t.ma~as.5335985259&w=1000&fwrn=4&lmt=1697563651&rafmt=11&format=1000x200&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570851645&bpp=1&bdt=369&idt=324&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qb7abjjEr4&p=https%3A//chat.chatgptdemo.net&dtd=329
Frame ID: 8D98F417B81E8631B31BF3BA6EC50AD0
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=190&slotname=2037123595&adk=3904284293&adf=3488685499&pi=t.ma~as.2037123595&w=760&fwrn=4&lmt=1697563652&rafmt=11&format=760x190&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570852830&bpp=3&bdt=1554&idt=3&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x200&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A4fJF05cx6&p=https%3A//chat.chatgptdemo.net&dtd=6
Frame ID: 793C35C5185628EE57387CAC7D16367A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2D268A78704BE72755AA7BE818B7305A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: 6A42B159F15768AFBF0E76DF2490EDCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB34043C734D4B19C2C8AA7DF4555E81
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECCFF7FA8B6A52D3718F477A9FE4E68A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: AAB1C77BEE1D7F2F8C4A01DF85E7DA39
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6A019978F97813FC3F0C1DA7D41DC8E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DDF5D589FD829C06E0E627352455D85
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ChatGPT Demo Free

Page URL History Show full URLs

http://chat.chatgptdemo.net/ HTTP 301
https://chat.chatgptdemo.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

90 %
HTTPS

73 %
IPv6

22
Domains

28
Subdomains

22
IPs

6
Countries

1136 kB
Transfer

3099 kB
Size

14
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://chatgptdemo.net/
Title: chatgptdemo.net

Search URL Search Domain Scan URL

URL: https://openfuture.ai/tool/chatgptdemo

Search URL Search Domain Scan URL

URL: https://buymeacoffee.com/chatgptfree
Title: 😀Buy me a coffee

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chat.chatgptdemo.net/ HTTP 301
https://chat.chatgptdemo.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://googleads.g.doubleclick.net/pagead/adview?ai=CSMKTJOAuZYgXiKaBB_ixiuAGweC3lXLtwPfl6hHZ2R4QASCytswZYJWCgICsB6AB_9uKyAPIAQGoAwHIA8sEqgTXAU_Q-qwUcbvYiXQGFvFFzG8O79TMvGdPvELzKXpXCCHcCyYow7kKG0o0cKPXBYzaShDmH-d2dRl66WTjIQC3FLXJKJCbekmCIXc_QPPN8S09gk_XtzO-6bfhQ4fOnF9BYq07kOox72DsrhHKwsVjHOza4lqcjrjtfh0uZAci5TKXPUgBdQE63AIkXAnTOfWhhV5Wmc3OoTi4KqrVcWm0MMkHSJ_G2QSXVbs3aPB2f2V62KiBKo9hbEnH1arspCaS6PtgfhiA-fgP8PJ4kO9lvmjsJlF9ZK9GwASZy_W5twSIBfP08o0vkgUECAQYAZIFBAgFGASAB_DurKICqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpMML0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOpoJeWh0dHBzOi8vd3d3LmdyYW1tYXJseS5jb20vYS9nZXJtYW55P3V0bV9tZWRpdW09Y3BjJnV0bV9zb3VyY2U9Z2RuJnV0bV9jYW1wYWlnbj1nZXJtYW4tbHAtZXhwNjIzMyZ1dG1fY29udGVudD02NzYyNDA1OTY0MzOACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMjU4NjI0ODkzOTkzMjc4NRgA&sigh=6pF3W3sy_Rw&uach_m=[UACH]&ase=2&cid=CAQSGwDICaaNY9ajHxQ4mPodNuvOuZJiJln0k7tAohgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226943368890455822597%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224403067900351236081%22}&andc=true

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDFQKtJfPGzwMvMLvIynziw&google_cver=1&google_push=AXcoOmQXFAdDo9Ab5chxMayn19Siq_nuO76y14UhB-sVt3G79OM1CEL46LYXoqkDgFa8yX8OODypD1-CaqCJqXWMbdAS4V5DmLHWLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE3MDI2Njc4NTk4MjU1OTcyOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDFQKtJfPGzwMvMLvIynziw&google_cver=1

Request Chain 65

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&google_cver=1&google_push=AXcoOmSvGEurTBrga0_5sf3rSN9tJKOOTGtPOKjGLshNu_QZPGp1Z5-AWcVPiWeKLxTrrZjDBVhp9ITVi4FaqCaKgHkziYmnqstH HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&google_cver=1&google_push=AXcoOmSvGEurTBrga0_5sf3rSN9tJKOOTGtPOKjGLshNu_QZPGp1Z5-AWcVPiWeKLxTrrZjDBVhp9ITVi4FaqCaKgHkziYmnqstH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDR5NVRnRjMxUVNQSjM1&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&google_cver=1&google_push=AXcoOmSvGEurTBrga0_5sf3rSN9tJKOOTGtPOKjGLshNu_QZPGp1Z5-AWcVPiWeKLxTrrZjDBVhp9ITVi4FaqCaKgHkziYmnqstH

Request Chain 66

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJAXFBpNI2CKjVyD7qvVWWs&google_cver=1&google_push=AXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJAXFBpNI2CKjVyD7qvVWWs&google_cver=1&google_push=AXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 67

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIfQSXXkWyDJHauTLfCglZs&google_cver=1&google_push=AXcoOmSZGhvpFbiTtr6Hjw_UYt9n6tK6YER4T7s0b1mRGkbv5dmhBMqwmFk69II4QCmNJFCNOvHiFGW10PqZA2s7akWwol_ForP_Bw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSZGhvpFbiTtr6Hjw_UYt9n6tK6YER4T7s0b1mRGkbv5dmhBMqwmFk69II4QCmNJFCNOvHiFGW10PqZA2s7akWwol_ForP_Bw&google_hm=eS1Ja2l2NGUxRTJwSE1vaWR2M2F5Q2xZeDFndXU3SS5kQ35B

Request Chain 68

https://d5p.de17a.com/cookies/google?google_gid=CAESENaqRalbB2dDfZETD577R7o&google_cver=1&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_pdH4o9ySA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENaqRalbB2dDfZETD577R7o&google_cver=1&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_pdH4o9ySA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_pdH4o9ySA

Request Chain 69

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAcLsrPP89jlL-ykI5QH1yY&google_cver=1&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8hM8gEtkn3CNixHT3KFQwxADZt HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAcLsrPP89jlL-ykI5QH1yY&google_cver=1&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8hM8gEtkn3CNixHT3KFQwxADZt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU5Nzk2NzAzNTg1Mjg5OTY0Ng&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8hM8gEtkn3CNixHT3KFQwxADZt

Request Chain 70

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMblhPl7y9DWzT2B5lnIcoo&google_cver=1&google_push=AXcoOmRdbIa-IGBhr5JFsR8G_0wdX5v3QB7zTV5F6J2qLp2GY3yvo33udEswsfDBacy8skeD1w4tuekipTe4WPaTKYZ1V_45fbxDtQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRdbIa-IGBhr5JFsR8G_0wdX5v3QB7zTV5F6J2qLp2GY3yvo33udEswsfDBacy8skeD1w4tuekipTe4WPaTKYZ1V_45fbxDtQ

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 74

https://googleads.g.doubleclick.net/pagead/adview?ai=Cwm-CJOAuZYDtNO__x_APz4eWGMHgt5Vy7cD35eoR2dkeEAEgsrbMGWCVgoCArAegAf_bisgDyAEBqAMByAPLBKoE1gFP0I1ecMR8KevgiqITythix6MK6FZgAKQep-g1-syD5tEqD9yxSwYuaM3AOq0b4xq2cEzAG85L2cT-LMTlEQfbhRmUAsHw_WXr6H0JniYXRU4-lJOkW3qhVgbCvw7Fng0nJ_Vf6HxrlkvNzlD5wTmcDFBfQjxxDNyL2YpyvE68Mz9mFfDWux_TMxBBQC7hz6K0d0LUhJ7SRtuyHMkjs0Y0_i9ndD64oyjnxTjBSlIK-itTFt9fRF3_iKoxax-3FPK_d5_q03sHJKFIrRIlXSx39ydZJgtawASZy_W5twSIBfP08o0vkgUECAQYAZIFBAgFGASAB_DurKICqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgPk60ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOpoJeWh0dHBzOi8vd3d3LmdyYW1tYXJseS5jb20vYS9nZXJtYW55P3V0bV9tZWRpdW09Y3BjJnV0bV9zb3VyY2U9Z2RuJnV0bV9jYW1wYWlnbj1nZXJtYW4tbHAtZXhwNjIzMyZ1dG1fY29udGVudD02NzYyNDA1OTY0MzOACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMjU4NjI0ODkzOTkzMjc4NRgA&sigh=vGsCIcsUXno&uach_m=[UACH]&ase=2&nis=4&cid=CAQSKQDICaaNaKXD-g-rk-Y06ZpIIap2G_kx6CPHlxQASJ6-sTAW0T6_pbFrGAE&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215400332785717192560%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217531535954569197553%22}&andc=true

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chat.chatgptdemo.net/
Redirect Chain

http://chat.chatgptdemo.net/
https://chat.chatgptdemo.net/

64 KB
18 KB

420ms
391ms

Document
text/html

2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d71db8e9a32ebe0c2b4c421214e0a97014b8da1f03ffe0cf2ab7ca116c967a0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 817af0792f4d2bb5-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-type: text/html; charset=utf-8
date: Tue, 17 Oct 2023 19:27:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Bv62dajvQUOoRdUFGLoJcbvB0ij9J61vF144IRvcbTzEtSqzX81UG0zo2nHfJGvboHJGjeQknoHqcnXrbxlnO8CEgO2aFtjpmxKew6ftcxuazZ8K0rC1HrvXjkLxoBD0emlm5%2BvoG1WflHAvcH2dKgfwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 817af078dd17921d-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 17 Oct 2023 19:27:30 GMT
Expires: Tue, 17 Oct 2023 20:27:30 GMT
Location: https://chat.chatgptdemo.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bw8LfQISMrXqCslTY1DEKmAzIkkHKlO8pG117OPr8WnkZ8VOWQ2g7QxqzyGNjJrs%2BlVbEQOAU3m8Pfslszag%2BGymanDjgh2%2B1cyH%2FOcjYPPy7Bykiss8IQezHAVim3St%2B1WXhEd6BMvzWej3RFvG2efzEg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.css
chat.chatgptdemo.net/assets/css/ 234 KB
32 KB 26ms
25ms Stylesheet
text/css 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/css/bootstrap.css

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf95378db92a6fe927d0fab707d1d2ce23b954f118695d13240ac9fa1f80e0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2491
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KtPt8nrKJwXKvi%2B2i%2BRcTR8tYWZ7uO1hxSulvl%2FNU1BS%2B5j%2BExM1Bwe5UrOMQizQHjMJw1PWpkY6BGDPTLNGljr8596GYunwSwgLemcfaXRjis%2Fjj64udd8KqWTzGT2wyfEwS1yz2jrt4behITWvcJ8Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 817af07c8c662bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
chat.chatgptdemo.net/assets/css/ 24 KB
5 KB 28ms
27ms Stylesheet
text/css 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/css/main.css

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bccab90deae4e2cace3d45043b19ebd90814ab680722e3def29de73175bfc9fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2491
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIcSInelUNMtJuj6pQpPRJr8hP4o77aRvSClI05AFla%2Ba%2Bt%2BfLEs1iBpZ3BA1td%2FDglkRh5pmYimWhrHJJohqymd17x1SjJ%2BeMuIHI9EBpxZoHmqiiMsALlDTGDeP8siR52JKhRaWQiRUgkdfKWtJiWgfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 817af07c8c6a2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.bundle.js Show response
chat.chatgptdemo.net/assets/js/ 212 KB
47 KB 666ms
664ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/bootstrap.bundle.js

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b9fb9077040d42f64bdbee2f09592b6e131a4fde3135260306aa07c638deeaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqfjnTykQL%2FF%2B7QZZap%2B%2BTXVrgVkwwJb9IbZ3hi%2BUErSy2mVgtg1apfii%2B9mNC%2BiKcSH1YsPOxoW1gncrYhzFv9rYrsGC%2FABv09%2FDNPu%2FKcu%2B4%2FkR7jM6pG8Jsv8rdK2Hcw1Zmj8Ihozha%2F0WtxXNouTEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 817af07cdafd9be8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-3.5.1.min.js Show response
chat.chatgptdemo.net/assets/js/ 87 KB
32 KB 29ms
27ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/jquery-3.5.1.min.js

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2576abffaca3f191e4b103fc95e7fa7a42d0ba9bff1eb9db74bd43d6e61ad54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5048
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3Hj6nBRxpMYtZXoUYSzkyaTWs5DIdG5B1Zxc7fXMh54BLE1Hl30ym0JaMKyODC38Nd5niCSwraauxCBQoITfXDNDc%2FJtZgDt%2BvleOLL0U5zc1Y80IvF1UxMlUVtOBkNoVBZMhniqqA0BdvgGnHZTq3JPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 817af07cdafe9be8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 default.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/styles/ 1 KB
1 KB 48ms
21ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/styles/default.min.css

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbde0ac0921d86c356c41532e7319c887a23bd1b8ff00060cab447249f03c7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 89865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 439
last-modified: Thu, 24 Nov 2022 08:02:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "637f251b-1b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjhxYMegK0fLp1i8yr%2FocCcD9fQXqWoHDmg970jX7YjBPttGtkTcipIyx2Oqx2lj8ftVDbJlTQYM9JqmSSiLxObCXMT7rBR11uripOgAHP%2B143zA2vRzYm24dq9Y0FMbgCIJMsUuhW9fPmWqgfCd1dJE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 817af07cad4e9136-FRA
expires: Sun, 06 Oct 2024 19:27:31 GMT

GET
H2 200 highlight.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/ 118 KB
35 KB 49ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/highlight.min.js

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f19cebc1d4441ae1f0ffc696a42628b9f865fe5d99deda1f1e8cd5bec878888

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1638830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35652
last-modified: Thu, 24 Nov 2022 08:02:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "637f251b-8b44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTJf%2BUmbMlM%2Fv38R4QlWAZvCVt40CunaIA61k43io7d%2BiYX%2Bi9Zp8ZqRiY3xcF9kKcvYs%2BXqaARYUB6VS8LN4IZZdo3CJwHFS2NhVjeLwiLbV8DatAh6ncNbi9m6nTo%2Bb%2FLGgTiN6zXSkXt6EnpZe0T1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 817af07cdd909136-FRA
expires: Sun, 06 Oct 2024 19:27:31 GMT

GET
H2 200 chat.js Show response
chat.chatgptdemo.net/assets/js/ 20 KB
5 KB 362ms
361ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/chat.js?v=0.2

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b58730803910bbad1ff1ffa031614daaefecd46802b8011f050b72958e6b3aa1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://chat.chatgptdemo.net/
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 17 Oct 2023 18:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47xs8bu%2Fdk9CuOWoEPJmgUvwcHhTdeEsrDAipWUSlYvj9gtk2z83oryRjfVSiCS97fuzUedhKSyEUG2%2FH0VVsb8CMRKA2jSa6DysSvJbceluoHp2%2BMxzqB%2B4RqowCfFbeGmSRkl8859QIk3CN34pPdD9MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 817af07c8c6b2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 stuff.js Show response
chat.chatgptdemo.net/assets/js/ 5 KB
2 KB 353ms
352ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/stuff.js?v=0.2

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

725f5861f65b4552e1fddbee66e5e8c45a02925a816600ad26c17f34bbf16ab1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://chat.chatgptdemo.net/
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5kqP%2FZTnBrqVkdzybLOdasDjKPnKFHrrrc%2BmRLf14zbtMMmTSey6Dh8iZYswa7UgsHjQS6K9xWmz7EZT3R7F8UGUR4%2FzEivTOxkuAVWVoPBaYF64SgUna98MmElcOfpaQmsQzJKjDwIaqtm3xMf38yR6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 817af07c8c6f2bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 share.js Show response
chat.chatgptdemo.net/assets/js/ 5 KB
2 KB 334ms
333ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/share.js?v=0.1

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5798cfccf1c3649a4b2870e831a5b57ce6c20276cde63bbd6d10611497051b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://chat.chatgptdemo.net/
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Q9upfFbXKubHr8cd1baiQFIiyNBfHTO46K20APodFS7RuML3a6Luf%2FyN2XI9EbAP9bM7CgXmr2xG4r7Ph5tyWhIzYlfN%2BPbZB3iKDS0b%2BohdHFVPBdhjvd%2FHfk15V32Pqnhrk2VjVH5tgqddg1%2BPcZzwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 817af07c8c732bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.js Show response
chat.chatgptdemo.net/assets/js/ 17 KB
4 KB 369ms
369ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/main.js?v=0.2

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a833eff9f0b5e5d4111de0e82218a0bd499ae9ca3d979cb00b381a139b2ecb4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://chat.chatgptdemo.net/
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 16 Oct 2023 11:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccTxxhCj3yV%2BaPqUdTHCXLF5vvIGVNwxBZDAY5eSqVOMTvI0eXlaOWgw%2BRMvI5q9DFULBuULZ%2BGAxHeXeJIu0PduYytLv6o%2B0VM6ZDaItj%2Fo0F4qQ5V7wvq8xm8jDHyh4NHN%2Fir4kVk5yjhxBZwaltdVnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 817af07c8c742bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 65ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3J2500708C

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0165b37df91f9f5a32c0afa5acaac1e6f497d070895fd9f62879e1a28c4cc955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91931
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Oct 2023 19:27:31 GMT

GET
H2 200 script.js Show response
meanlytics.com/js/ 1 KB
1 KB 66ms
21ms Script
application/javascript 2606:4700:3037::6815:24bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meanlytics.com/js/script.js

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:24bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Oct 2023 09:32:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gpgbsY7yj2JVM1qBipKR%2FwrUrGIxCvVG8tITtD2aqONKi8pkkE2C86%2FkmEuIvn2i%2BYHqDgzVbauUorI3HIpjB3cDjtUqUCg%2FJGGSGfOnMgMY1MYBZ6RD4Zf3%2BiYIsVc2t3ha3oBSdyigTqrFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 817af07d1ce565c0-FRA

GET
H2 200 api_generate_image
openfuture.ai/ 235 KB
176 KB 919ms
864ms Image
image/svg+xml 2606:4700:3031::6815:3d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openfuture.ai/api_generate_image?product_id=644a2bcf46ef792ee0804f70&theme=light
Requested by: Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aa3aeb2c8c1ae0f0f04958d15a7ec454e645066260737ac83bd8060bd9f5c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DY2sWjHQ8vBCwmrbIXvYziOBnQcqeCanHUL0IqN52TZhllml4qtZF0jwwntZrHXjd7ZDI%2FljvgrawqI0asoDfjJfwVlQw1ZOmUkF3UgbjZBisv9x%2Bw9o7831Rnjea9Jx75AS3LNxXfi3MTEh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 817af07cfb175c7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 114ms
76ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2586248939932785

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cabcd7c59cc50b2d6a6623f1ba21056c7cf84be5383dc5cba7138eedac54f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chat.chatgptdemo.net/
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50895
x-xss-protection: 0
server: cafe
etag: 4409069199179027729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:27:31 GMT

GET
H2 200 button.prod.min.js Show response
cdnjs.buymeacoffee.com/1.0.0/ 12 KB
6 KB 79ms
36ms Script
application/javascript 2606:4700:20::ac43:4663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.buymeacoffee.com/1.0.0/button.prod.min.js

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4663 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b50941eef94ced5cacf2234be9bdfba74d556e35394a63acd987735f6c1c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38520
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1746b365c2cbc4484d60d3d309ba892d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT76paO9Xfoys3q8GHHjLs9jK%2FCtssACBgZ9%2B5x6ywRMoMnvHbdfC%2FtgpCC2WSRPxv%2FT5FWivcWqSvnDHREBjPB8EHaLnJj3QBZmOrR1o%2FsjvD070UAOwbsLMoc26Zx1oTdYHiVqnD%2F7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, must-revalidate
cf-ray: 817af07cec1b1c42-FRA

GET
H2 200 ads-block.png
openfuture.ai/assets/img/ 20 KB
20 KB 45ms
17ms Image
image/png 2606:4700:3031::6815:3d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openfuture.ai/assets/img/ads-block.png
Requested by: Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f500de9b782b4150caf388e5fb565f5198ca76e576ab847f1cc83264801c69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 09:54:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1418
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hr83kWELsHhBeGfMLxArR3BHZQf9YfgjsqFey1rTtUFaZRBc97DfQuyv4rGcQtdwDw3TJqIWkaZDEOZQhkiMIXfRe3wteazfy6VtDDEQBH0Bmdlcu3dxcoTAHiOfatAJKhaQUxgNqLl95pJq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
cf-ray: 817af07cfb1a5c7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 secret.js Show response
chat.chatgptdemo.net/assets/js/ 442 B
831 B 22ms
20ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/secret.js?v=0.3

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01276c9052392e553a57490b09cb8f5c317d63a6a79bb36a44a403db00b9766d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5048
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYMh5ye9y2tkc78Yon9e18p9yO3XViTqU3DHrYYvbg2WKwUzeJsw4v%2BeiL0XiVXWmYfpKmes19OJGUw2QwCASKqlT9Gtqw5fWxRHAkxXq%2B1PsNYCHwTj3GtbQymzLE%2Fs9dzEekt9fqGTK%2BMZ5SRZJg8H7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 817af07cdaf99be8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 secret.js Show response
chat.chatgptdemo.net/assets/js/ 442 B
793 B 25ms
23ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/secret.js?v=0.2

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01276c9052392e553a57490b09cb8f5c317d63a6a79bb36a44a403db00b9766d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5048
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HdIYzWKpVe1BpgtMoD7TwoXNkHJRENfSRTbTafppZJYOyN0ccf9uRUCslcezMSMItUAWMrx7BFY42zruoKe4mYgDo627xlZNHIowhiQW8rpi3MHWGO%2F6qgU7adcwxnmP3uWmEs%2ByuQp4POhqKGyYZu%2BvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 817af07cdafc9be8-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 403
Forbidden invoke.js
www.profitablecreativeformat.com/db67b57d37cbefacfdc313781521de72/ 0
0 297ms
94ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profitablecreativeformat.com/db67b57d37cbefacfdc313781521de72/invoke.js
Requested by: Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://chat.chatgptdemo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 17 Oct 2023 19:27:31 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 51ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3J2500708C&gtm=45je3ab0&_p=1182437866&cid=1355647853.1697570851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697570851&sct=1&seg=0&dl=https%3A%2F%2Fchat.chatgptdemo.net%2F&dt=ChatGPT%20Demo%20Free&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3J2500708C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chat.chatgptdemo.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
www.profitablecreativeformat.com/1bdff8e4d08d3533f2b83b27dfff5f3f/ 0
0 97ms
96ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profitablecreativeformat.com/1bdff8e4d08d3533f2b83b27dfff5f3f/invoke.js
Requested by: Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://chat.chatgptdemo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 17 Oct 2023 19:27:31 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/ 393 KB
134 KB 123ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2586248939932785&plah=chat.chatgptdemo.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2586248939932785

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7b4af23c43e3329587ff82f1e43cff970d9d1eaf05633f6ed18f3572ed5beb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136682
x-xss-protection: 0
server: cafe
etag: 2635546893045682417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:27:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 1AB2 10 KB
5 KB 51ms
15ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2586248939932785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chat.chatgptdemo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 09:30:01 GMT
etag: 2603938475786422795
expires: Tue, 31 Oct 2023 09:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 main.js Show response
chat.chatgptdemo.net/assets/js/ 17 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/main.js?v=0.3

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a833eff9f0b5e5d4111de0e82218a0bd499ae9ca3d979cb00b381a139b2ecb4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://chat.chatgptdemo.net/assets/js/chat.js?v=0.2
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Oct 2023 11:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2815
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkGctSf%2BWTKMMj9YC9xpaQwmyV5xPrAfq1khP%2FdAcZQ8deCZSILDbUj8aknLWSwKw7rKAd2KPe%2B6D8ouybSFkQx0rkgFSCVEPGIpdtlAuoIDv8iseea8wcL9%2FTZAq%2F8a9xbrx5mI1gtHDDxp7fgJoyGbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 817af07eedf49be8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sse.js Show response
chat.chatgptdemo.net/assets/js/ 6 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/assets/js/sse.js?v=0.2

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4e370d6c26bda51f86eb180653380ae42eeb4b26757eb556f5f63b939ed625

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://chat.chatgptdemo.net/assets/js/main.js?v=0.2
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:31 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 17:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5047
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWtG7SOOddBKMIfdiSQ8y2TSWT5%2BcX8mfbhYoHaVqn6qlmZyoWjjF5Sk1gwFrwU2xe7uC5i9UhlG2cTS2wmG4SEV2G44BDV0gTQbPfsqh72D%2Fws74oITi4SBB36KwnkYHrC9FxRhNyjOHKs7NMXBKxI1uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 817af07eedf89be8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 408 B
717 B 60ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cookie&display=swap

Requested by

Host: cdnjs.buymeacoffee.com
URL: https://cdnjs.buymeacoffee.com/1.0.0/button.prod.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37665f59cabe32433c647926b9830855ca12545eae536f749d7735aa93d11041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 19:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 19:07:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 19:27:31 GMT

GET
H2 200 syky-y18lb0tSbf9kgqS.woff2
fonts.gstatic.com/s/cookie/v21/ 14 KB
15 KB 50ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cookie/v21/syky-y18lb0tSbf9kgqS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cookie&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chat.chatgptdemo.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 17:48:59 GMT
x-content-type-options: nosniff
age: 437912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14456
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:12:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 17:48:59 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
383 B 93ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=chat.chatgptdemo.net&callback=_gfp_s_&client=ca-pub-2586248939932785

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2586248939932785&plah=chat.chatgptdemo.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33DF 0
188 B 199ms
198ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&adk=1812271804&adf=3025194257&lmt=1697563651&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570851643&bpp=2&bdt=368&idt=301&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3889423032680&frm=20&pv=2&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chat.chatgptdemo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:32 GMT
expires: Tue, 17 Oct 2023 19:27:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D98 116 KB
39 KB 809ms
809ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=200&slotname=5335985259&adk=4004515947&adf=3773223381&pi=t.ma~as.5335985259&w=1000&fwrn=4&lmt=1697563651&rafmt=11&format=1000x200&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570851645&bpp=1&bdt=369&idt=324&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qb7abjjEr4&p=https%3A//chat.chatgptdemo.net&dtd=329

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1721debacfab6048e51ff6ccb7cb9662f947f64fe6541b7ac04b2bc82650153a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chat.chatgptdemo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39425
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:32 GMT
expires: Tue, 17 Oct 2023 19:27:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 get_user_chat Show response
chat.chatgptdemo.net/ 2 B
566 B 361ms
361ms Fetch
application/json 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/get_user_chat

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/assets/js/chat.js?v=0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCrPL5VycnAWfdyZ8b%2BLiIPFIjc2A5mH9mjOJBbO9yyWFNnENO%2F%2BSy4j1jaI3QZEDUL4KN7omQ%2BXb4cGDxrRzjTHI%2FTn1WLSpUsEN26dzFrYGhwQ7hJKxZIwzzUxgwKWFUVA7fRvuzzz7jtcx3ZXUx1%2FJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 817af08139719be8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H3 202 event Show response
meanlytics.com/api/ 2 B
523 B 429ms
405ms XHR
text/plain 2606:4700:3037::6815:24bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meanlytics.com/api/event
Requested by: Host: meanlytics.com
URL: https://meanlytics.com/js/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:24bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://chat.chatgptdemo.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QlnZtLOkBAKU6AsfPmQFuUDZl%2B1ppQBLFFtb787kRGH6KmDOYyuQJszI4vHsbFnLjk0fs%2Btlv45T83wypC7WlUB2a0tiN8OdVEJXyZTLRnGGk8ifLWqeB5wdbWmOgBP6AOjcUXNjddW2uCYbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 817af0815b48696f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F477sjD-1jMsBcAZfmjh

POST
H3 200 new_chat Show response
chat.chatgptdemo.net/ 34 B
592 B 236ms
236ms Fetch
application/json 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/new_chat

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/assets/js/chat.js?v=0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcec1e24ff65aa0258055c248434265e2101e9ad391152ae915416e97c33aed0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ckr06EEiWj5pY4Oa0wtnnc5SJ64zfGuRym%2Fjh34q1PYG9dDPb8GWexNxxXx4xXIDoG6Jzjgtl4ZPHuepiIsYfPqvtAYHps%2FjgueJQJNaDAzVtWqdp2U1Bg4x7pVa1WFzbi9%2FkAbKBBuSzD08s%2F5G9DlvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 817af083bdfb9be8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34

POST
H3 200 get_chat Show response
chat.chatgptdemo.net/ 71 B
627 B 194ms
194ms Fetch
application/json 2606:4700:3032::ac43:aa6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatgptdemo.net/get_chat

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/assets/js/chat.js?v=0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:aa6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b0e18687cc3903e58b9120f9a6305f06215c317ace1251f25cff7bf02b0ebf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
content-security-policy: frame-ancestors 'self' https://chatgptdemo.net/
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bxb5YNZHZ7Mot336u7G6zGIirIKXlYYsHFtzyOkuN9pOh7tsnjES71Dt82auPYyS7j7DDZfOTMNS50mkNKdOOxhcfg224mIJuMNevGCAbXmPj0e8qKJ%2Fzs4LL98cRQ722MCkhu%2B%2BboNNFQ7nWvn7hrXaGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 817af084fffa9be8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 8D98 9 KB
4 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=200&slotname=5335985259&adk=4004515947&adf=3773223381&pi=t.ma~as.5335985259&w=1000&fwrn=4&lmt=1697563651&rafmt=11&format=1000x200&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570851645&bpp=1&bdt=369&idt=324&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qb7abjjEr4&p=https%3A//chat.chatgptdemo.net&dtd=329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 12:45:24 GMT

GET
H2 200 f9452dcf4f221a00d49f3197c484e17d.js Show response
www.gstatic.com/mysidia/ Frame 8D98 11 KB
5 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:18:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8D98 14 KB
1 KB 27ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 19:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 19:00:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 19:27:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 8D98 2 KB
973 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 8D98 23 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 8D98 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 8D98 20 KB
9 KB 57ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D98 187 KB
59 KB 65ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:27:32 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 8D98 35 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2586248939932785

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/assets/js/jquery-3.5.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c043bd36a2796bf375a48a5503c680e27fdab7cf2269fb62ad629158aceb2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51040
x-xss-protection: 0
server: cafe
etag: 15617498244128631133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:27:32 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 793C 126 KB
42 KB 354ms
353ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=190&slotname=2037123595&adk=3904284293&adf=3488685499&pi=t.ma~as.2037123595&w=760&fwrn=4&lmt=1697563652&rafmt=11&format=760x190&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570852830&bpp=3&bdt=1554&idt=3&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x200&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A4fJF05cx6&p=https%3A//chat.chatgptdemo.net&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7238f575b4a7c891ea1c96c3596b996f72ab6c082dea1c56a92f30031914ff54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chat.chatgptdemo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43429
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:33 GMT
expires: Tue, 17 Oct 2023 19:27:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8D98
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSMKTJOAuZYgXiKaBB_ixiuAGweC3lXLtwPfl6hHZ2R4QASCytswZYJWCgICsB6AB_9uKyAPIAQGoAwHIA8sEqgTXAU_Q-qwUcbvYiXQGFvFFzG8O79TMvGdPvELzKXpXCCHcCyYow7kKG0o...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226943368890455822597%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:...

0
0

80ms
50ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226943368890455822597%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224403067900351236081%22}&andc=true

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6943368890455822597","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"4403067900351236081"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 19:27:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 19:27:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6943368890455822597","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"4403067900351236081"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2D26 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=200&slotname=5335985259&adk=4004515947&adf=3773223381&pi=t.ma~as.5335985259&w=1000&fwrn=4&lmt=1697563651&rafmt=11&format=1000x200&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570851645&bpp=1&bdt=369&idt=324&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qb7abjjEr4&p=https%3A//chat.chatgptdemo.net&dtd=329
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:08:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2D26
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
24ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:33 GMT
expires: Tue, 17 Oct 2023 19:27:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 93ms
49ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 19:27:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A42 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 509454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:39 GMT

GET
H3 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 793C 9 KB
4 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=190&slotname=2037123595&adk=3904284293&adf=3488685499&pi=t.ma~as.2037123595&w=760&fwrn=4&lmt=1697563652&rafmt=11&format=760x190&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570852830&bpp=3&bdt=1554&idt=3&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x200&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A4fJF05cx6&p=https%3A//chat.chatgptdemo.net&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 12:45:24 GMT

GET
H3 200 f9452dcf4f221a00d49f3197c484e17d.js Show response
www.gstatic.com/mysidia/ Frame 793C 11 KB
5 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:18:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 793C 14 KB
1 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 19:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 18:59:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 19:27:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 793C 2 KB
931 B 17ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 793C 23 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 793C 3 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 793C 20 KB
8 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 793C 0
0 25ms
24ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQrw3nT4Jgm5kz1tJ34c1kRxqlR4bM8yIQixL7cm2xwqGkE4cXJNrStLyEHyhkRNfe-BU4F9OFvcwZMWauzsF0jz1mew
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=190&slotname=2037123595&adk=3904284293&adf=3488685499&pi=t.ma~as.2037123595&w=760&fwrn=4&lmt=1697563652&rafmt=11&format=760x190&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570852830&bpp=3&bdt=1554&idt=3&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x200&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A4fJF05cx6&p=https%3A//chat.chatgptdemo.net&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 793C 187 KB
59 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:27:33 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 793C 35 KB
14 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H2 200 8531088085169195320
tpc.googlesyndication.com/simgad/ Frame 793C 5 KB
5 KB 18ms
18ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8531088085169195320?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7dc60e61057da0d2fa16d81bf79a006cda4bebddf9d0a2102e329d25265b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:43:13 GMT
x-content-type-options: nosniff
age: 441860
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4922
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 21:54:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Oct 2024 16:43:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB34 143 B
166 B 17ms
15ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2586248939932785&output=html&h=190&slotname=2037123595&adk=3904284293&adf=3488685499&pi=t.ma~as.2037123595&w=760&fwrn=4&lmt=1697563652&rafmt=11&format=760x190&url=https%3A%2F%2Fchat.chatgptdemo.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697570852830&bpp=3&bdt=1554&idt=3&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x200&nras=1&correlator=3889423032680&frm=20&pv=1&ga_vid=1355647853.1697570851&ga_sid=1697570852&ga_hid=1182437866&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805113%2C44805533%2C44805681%2C44805921%2C44805933%2C31078301%2C44803793&oid=2&pvsid=615744923393843&tmod=804685838&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A4fJF05cx6&p=https%3A//chat.chatgptdemo.net&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:08:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ECCF 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Wed, 18 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 793C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeb61810236ae74ce4fb3cd8cdcffe0e90f93e184a5ffd6851b489815024fc0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame ECCF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDFQKtJfPGzwMvMLvIynziw&google_cver=1&google_push=AXcoOmQXFAdDo9Ab5chxMayn19Siq_nuO76y14UhB-sVt3G79OM1CEL46LYXoqkDgFa8yX8OODypD1-CaqCJqXWMbdAS4V5DmLHWLw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE3MDI2Njc4NTk4MjU1OTcyOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDFQKtJfPGzwMvMLvIynziw&google_cver=1

43 B
398 B

18ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDFQKtJfPGzwMvMLvIynziw&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDFQKtJfPGzwMvMLvIynziw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ECCF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDR5NVRnRjMxUVNQSjM1&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&google_cver=1&google_push=AXcoOmSvGEurTBrga0_5sf3rSN9tJKOOTGtPOKjGLshNu_Q...

170 B
329 B

35ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDR5NVRnRjMxUVNQSjM1&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&google_cver=1&google_push=AXcoOmSvGEurTBrga0_5sf3rSN9tJKOOTGtPOKjGLshNu_QZPGp1Z5-AWcVPiWeKLxTrrZjDBVhp9ITVi4FaqCaKgHkziYmnqstH

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Oct 2023 19:27:32 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NDR5NVRnRjMxUVNQSjM1&google_gid=CAESEA1RI4Jz9x1TCaeT1fFx2Es&google_cver=1&google_push=AXcoOmSvGEurTBrga0_5sf3rSN9tJKOOTGtPOKjGLshNu_QZPGp1Z5-AWcVPiWeKLxTrrZjDBVhp9ITVi4FaqCaKgHkziYmnqstH
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame ECCF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJAXFBpNI2CKjVyD7qvVWWs&google_cver=1&google_push=AXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcY...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJAXFBpNI2CKjVyD7qvVWWs&google_cver=1&google_push=AXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPE...

43 B
426 B

220ms
197ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJAXFBpNI2CKjVyD7qvVWWs&google_cver=1&google_push=AXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 817af08a8e8f39c7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1459
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJAXFBpNI2CKjVyD7qvVWWs&google_cver=1&google_push=AXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR-F6R6zUA-Guh7QylnCU9FXgRFULHVdtQL1AEEMzScxccTa1AEj_3R9WnK5gz7tAvaewI0QZ36xOqg1-1y9GXXd8VmLPEcYQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 817af0894ca639c7-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECCF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIfQSXXkWyDJHauTLfCglZs&google_cver=1&google_push=AXcoOmSZGhvpFbiTtr6Hjw_UYt9n6tK6YER4T7s0b1mRGkbv5dmhBMqwmFk69II4QCmNJFCNOvHiFGW10PqZA2s7akWwol_...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSZGhvpFbiTtr6Hjw_UYt9n6tK6YER4T7s0b1mRGkbv5dmhBMqwmFk69II4QCmNJFCNOvHiFGW10PqZA2s7akWwol_ForP_Bw&google_hm=eS1Ja2l2NGUxRTJwSE1v...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSZGhvpFbiTtr6Hjw_UYt9n6tK6YER4T7s0b1mRGkbv5dmhBMqwmFk69II4QCmNJFCNOvHiFGW10PqZA2s7akWwol_ForP_Bw&google_hm=eS1Ja2l2NGUxRTJwSE1vaWR2M2F5Q2xZeDFndXU3SS5kQ35B

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 17 Oct 2023 19:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSZGhvpFbiTtr6Hjw_UYt9n6tK6YER4T7s0b1mRGkbv5dmhBMqwmFk69II4QCmNJFCNOvHiFGW10PqZA2s7akWwol_ForP_Bw&google_hm=eS1Ja2l2NGUxRTJwSE1vaWR2M2F5Q2xZeDFndXU3SS5kQ35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECCF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENaqRalbB2dDfZETD577R7o&google_cver=1&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_pd...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENaqRalbB2dDfZETD577R7o&google_cver=1&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_pdH4o9ySA

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_pdH4o9ySA

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSUIAp6IJwRfR6ekIMlc0rm-TgA-QMqBkLsY5KyomM_P-0ehhEaDhk7LytDkRBjc8mVxJDyc1Y69VVCun44xzUs_pdH4o9ySA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECCF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAcLsrPP89jlL-ykI5QH1yY&google_cver=1&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8hM8gE...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAcLsrPP89jlL-ykI5QH1yY&google_cver=1&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU5Nzk2NzAzNTg1Mjg5OTY0Ng&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8hM8...

170 B
188 B

27ms
26ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU5Nzk2NzAzNTg1Mjg5OTY0Ng&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8hM8gEtkn3CNixHT3KFQwxADZt

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU5Nzk2NzAzNTg1Mjg5OTY0Ng&google_push=AXcoOmQf7BCX4e7suDRFdqLGhZAaF4-LKEOsXNuKff2RFgAK4zQcehRALHXhhDgpbXz2hqqstp8hM8gEtkn3CNixHT3KFQwxADZt
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ECCF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMblhPl7y9DWzT2B5lnIcoo&google_cver=1&google_push=AXcoOmRdbIa-IGBhr5JFsR8G_0wdX5v3QB7zTV5F6J2qLp2GY3yvo33udEswsfDBacy8skeD1w4tuekipTe4...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRdbIa-IGBhr5JFsR8G_0wdX5v3QB7zTV5F6J2qLp2GY3yvo33udEswsfDBacy8skeD1w4tuekipTe4WPaTKYZ1V_45fbxDtQ

170 B
232 B

37ms
37ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRdbIa-IGBhr5JFsR8G_0wdX5v3QB7zTV5F6J2qLp2GY3yvo33udEswsfDBacy8skeD1w4tuekipTe4WPaTKYZ1V_45fbxDtQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRdbIa-IGBhr5JFsR8G_0wdX5v3QB7zTV5F6J2qLp2GY3yvo33udEswsfDBacy8skeD1w4tuekipTe4WPaTKYZ1V_45fbxDtQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame ECCF 0
139 B 77ms
34ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JalMWiDBzhCzE51f4cGyZu05bxv8CGk_UZuWF3s-GV-EhuYzTJPVONuz6JGDhJtpUHomuP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 793C 33 KB
33 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 37095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:09:18 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB34
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
27ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:33 GMT
expires: Tue, 17 Oct 2023 19:27:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 793C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cwm-CJOAuZYDtNO__x_APz4eWGMHgt5Vy7cD35eoR2dkeEAEgsrbMGWCVgoCArAegAf_bisgDyAEBqAMByAPLBKoE1gFP0I1ecMR8KevgiqITythix6MK6FZgAKQep-g1-syD5tEqD9yxSwY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215400332785717192560%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22...

0
0

53ms
52ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215400332785717192560%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217531535954569197553%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15400332785717192560","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"17531535954569197553"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 19:27:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 19:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15400332785717192560","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"17531535954569197553"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 110ms
108ms Fetch
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/assets/js/secret.js?v=0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50901
x-xss-protection: 0
server: cafe
etag: 12975075324478237546
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:27:33 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 159ms
158ms Fetch
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: chat.chatgptdemo.net
URL: https://chat.chatgptdemo.net/assets/js/secret.js?v=0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50895
x-xss-protection: 0
server: cafe
etag: 3890485902807508859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:27:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 74ms
74ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

032f3e0efc0a209279ec8c68fe73117d56967b7a9eec52ed25ea44ccc3879619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12291
x-xss-protection: 0

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame AAB1 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 509454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:39 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
50ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 19:27:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 19:27:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E6A0 13 KB
5 KB 18ms
18ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chat.chatgptdemo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 18:13:40 GMT
expires: Wed, 16 Oct 2024 18:13:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0DDF 829 B
560 B 30ms
29ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

79ffc2f427f06f41228b374ca8938049414838c6575b63d454f5ca582b7b5ca7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rd1BQKqK9xa6WsLp-K99OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chat.chatgptdemo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rd1BQKqK9xa6WsLp-K99OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 19:27:33 GMT
expires: Tue, 17 Oct 2023 19:27:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame E6A0 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 17:45:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0DDF 0
0 118ms
118ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=615744923393843&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E6A0 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dlSGqg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:27:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 122ms
121ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=615744923393843&bg=!KyilKGfNAAbFpEfJ5aQ7ADQBe5WfOFCdX0dA0XjXPLDEumxktpOVxUOfk_ZsR3F7TYSdsxyMqMEd5O-SXlI73s0oXpLUAgAAAEhSAAAAB2gBB5kC_KeZwGxX9d0tjHfzG2-sb46GRB__LoiLzh28UqQhI5WgL9q_8IpH3b5JVeOlGYq3vY6xSSAk81i0rla6sVsWlVUw6OurUFYYC-dpxd3rC5_hafohKcaalt3YJjDLng500ajmHTD7HxjCDo9Lw312TdkzOjFho-w0fLCdrmr_LNdmzqWKsWNWuP0kEbjQtpNYouyBuyMSHAVT0skWL30Qp_LEe6Vln8fxmUo-JjeQ0Ukjf4H7aaZXmLnYy0l8zDlppkK3sF4dpLshuuw-dC4ruDYMi5dhEeQLRa1jKMSPLH9lhs51NRgULqVJqxnalQd6P-OzPm0cqZdp343bpsuOz2iybzUn-XV7P0GE2PIrkUfgDRercNHJ6_Tmw9FxXtDzAQuL6DRw8QTfLWmlZ8-YVIGjcjLRMLf5jkiJgrNq5iYcNRwcRVj2CH73EojWnanJBV1DuJoLYHBemUXmzwIyKpQwT8owgepEQgwgOcVROI8OyZfhK39BkdeBFNciYdg_Bj1KKW9dT9WQGb5pT7eeB8JlRpO9XkPhfxWrFW2yM8GaMsO3j4DcEP8zwZG5XnGh5koIgXclW_XGZoqxajeysO1hn2-QTtgfZwRJEwCpAdat6sqfS4BznHX-QA9rBaCfSVo8amqpd3rRYc5ZYVOurWqG3NODz0BEFQAgoyuk7oAkLpIreTGPzSd3Fwffr7tvv3Qbr0eM7XsD23n4t8UwcibDP414J2NT5sDLNkgjRLJeyZE4PhKiT091OJ-COCuCQ21oAzjOSCRq9JMXFB2kT7aRckLwHqGqXnBZz5Tiblu124B4_zXsVQ9qNFWV7UkUDeVtDQUDBJw1hoezFY33m-hVJEHHBrewbpgRiQHW4Zzfkcqb8HZCh2srR2y-yDFwqIl9uKIh3loHz0oHLG7Xel4mswGZjwu-mvcmA5JzCbgDZ0s2-5bdTzTs2w5x0kvYSoAydnI7yC7kx-hJhLMsp1YrEnXQTbSG3wJxfc_rFzeNk_MElV0EKhtPMZaZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chat.chatgptdemo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 793C 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGjjOD1_-qZRY5addcaGhAEj8U2_2ZlSOuOxwlH0_I4jU4tir-QNABYBIiztjCWR9sU0pe4lp8myqmoABKy7pPcZVyA94-m-IliZLiPvAw3dwqSsyE_HWnfyX0GWYnPJbvauTAQbNmBUiM&sai=AMfl-YT9Olr0Tmr7tGZfab7UbwSR_QxsgTgS9LVO-F-D5QnLi0SD8RlkH77dY6hsa9z3YsYZyq_QHQ7bfBVgwPgbf_LPMP2h8oirKGc&sig=Cg0ArKJSzFbV9uaNnA_QEAE&cid=CAQSKQDICaaNaKXD-g-rk-Y06ZpIIap2G_kx6CPHlxQASJ6-sTAW0T6_pbFrGAE&id=lidar2&mcvt=1000&p=0,0,190,760&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3904284293&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697570852837&rpt=547&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 19:27:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chatgptdemo.net/	1970-01-21 01:08:50	Name: _ga Value: GA1.1.1355647853.1697570851
.chatgptdemo.net/	1970-01-21 01:08:50	Name: _ga_3J2500708C Value: GS1.1.1697570851.1.0.1697570851.0.0.0
chat.chatgptdemo.net/	1970-01-20 15:42:55	Name: session Value: eyJ1c2VyX2lkIjogImd5ZWZueThydmtzaTBxcHBrIn0=.ZS7gJA.NamGCoGUUuPuG2WNABwFVm0oP9Y
.doubleclick.net/	1970-01-20 15:32:54	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:42:26	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 00:54:26	Name: IDE Value: AHWqTUkxHwJYVmRxl5cTWObYVxHW2zL-z8lWdrmlvzM6V0N1igdmYf5KhvatsYuTQFQ
.w55c.net/	1970-01-21 01:04:31	Name: wfivefivec Value: 44y5TgF31QSPJ35
.w55c.net/	1970-01-20 16:16:02	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 19:52:02	Name: uid Value: 9170266785982559728
.adform.net/	1970-01-20 16:17:29	Name: C Value: 1
.de17a.com/	1970-01-21 00:11:14	Name: guid Value: 1.4596447593410813991
.adform.net/	1970-01-20 16:59:14	Name: uid Value: 2597967035852899646
.yahoo.com/	1970-01-21 00:18:48	Name: A3 Value: d=AQABBCXgLmUCEEkkrBY6KdLIM1WN7hpIQHgFEgEBAQExMGU4ZQAAAAAA_eMAAA&S=AQAAAo5mhb1EVb9wAi_1ggVJr9o
.tribalfusion.com/	1970-01-20 17:42:26	Name: ANON_ID Value: amntuJy4ZawFBA9MAIAno6DSYt3ZdjMFjkTZcu7e5T2iHo9ZbxiUGFWrjQXZbJf8TQDxShg4nIYWVmu1DN2WtaZctAjnvF

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://chat.chatgptdemo.net/(Line 283) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/db67b57d37cbefacfdc313781521de72/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://chat.chatgptdemo.net/(Line 283) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/db67b57d37cbefacfdc313781521de72/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.profitablecreativeformat.com/db67b57d37cbefacfdc313781521de72/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://chat.chatgptdemo.net/(Line 667) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/1bdff8e4d08d3533f2b83b27dfff5f3f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://chat.chatgptdemo.net/(Line 667) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/1bdff8e4d08d3533f2b83b27dfff5f3f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.profitablecreativeformat.com/1bdff8e4d08d3533f2b83b27dfff5f3f/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://chatgptdemo.net/
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
c1.adform.net
cdnjs.buymeacoffee.com
cdnjs.cloudflare.com
chat.chatgptdemo.net
cm.g.doubleclick.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
meanlytics.com
onetag-sys.com
openfuture.ai
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.profitablecreativeformat.com
142.250.184.194
172.217.16.194
192.243.59.12
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.182
2606:4700:20::ac43:4663
2606:4700:3031::6815:3d05
2606:4700:3032::ac43:aa6a
2606:4700:3037::6815:24bb
2606:4700::6811:180e
2606:4700::6812:19ad
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a05:d018:d29:3602:c1c:c446:a0f3:d97c
3.121.79.42
37.157.6.232
51.89.9.254
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
01276c9052392e553a57490b09cb8f5c317d63a6a79bb36a44a403db00b9766d
0165b37df91f9f5a32c0afa5acaac1e6f497d070895fd9f62879e1a28c4cc955
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
032f3e0efc0a209279ec8c68fe73117d56967b7a9eec52ed25ea44ccc3879619
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
07b0e18687cc3903e58b9120f9a6305f06215c317ace1251f25cff7bf02b0ebf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1721debacfab6048e51ff6ccb7cb9662f947f64fe6541b7ac04b2bc82650153a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c043bd36a2796bf375a48a5503c680e27fdab7cf2269fb62ad629158aceb2a7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cabcd7c59cc50b2d6a6623f1ba21056c7cf84be5383dc5cba7138eedac54f3e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b50941eef94ced5cacf2234be9bdfba74d556e35394a63acd987735f6c1c6b
37665f59cabe32433c647926b9830855ca12545eae536f749d7735aa93d11041
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7238f575b4a7c891ea1c96c3596b996f72ab6c082dea1c56a92f30031914ff54
725f5861f65b4552e1fddbee66e5e8c45a02925a816600ad26c17f34bbf16ab1
76aa3aeb2c8c1ae0f0f04958d15a7ec454e645066260737ac83bd8060bd9f5c0
79ffc2f427f06f41228b374ca8938049414838c6575b63d454f5ca582b7b5ca7
7b9fb9077040d42f64bdbee2f09592b6e131a4fde3135260306aa07c638deeaa
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f19cebc1d4441ae1f0ffc696a42628b9f865fe5d99deda1f1e8cd5bec878888
a833eff9f0b5e5d4111de0e82218a0bd499ae9ca3d979cb00b381a139b2ecb4d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
b58730803910bbad1ff1ffa031614daaefecd46802b8011f050b72958e6b3aa1
bccab90deae4e2cace3d45043b19ebd90814ab680722e3def29de73175bfc9fd
bf4e370d6c26bda51f86eb180653380ae42eeb4b26757eb556f5f63b939ed625
c2576abffaca3f191e4b103fc95e7fa7a42d0ba9bff1eb9db74bd43d6e61ad54
cb7dc60e61057da0d2fa16d81bf79a006cda4bebddf9d0a2102e329d25265b5f
cdf95378db92a6fe927d0fab707d1d2ce23b954f118695d13240ac9fa1f80e0f
d71db8e9a32ebe0c2b4c421214e0a97014b8da1f03ffe0cf2ab7ca116c967a0b
d7b4af23c43e3329587ff82f1e43cff970d9d1eaf05633f6ed18f3572ed5beb0
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
db5798cfccf1c3649a4b2870e831a5b57ce6c20276cde63bbd6d10611497051b
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eeb61810236ae74ce4fb3cd8cdcffe0e90f93e184a5ffd6851b489815024fc0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f500de9b782b4150caf388e5fb565f5198ca76e576ab847f1cc83264801c69
fbde0ac0921d86c356c41532e7319c887a23bd1b8ff00060cab447249f03c7cf
fcec1e24ff65aa0258055c248434265e2101e9ad391152ae915416e97c33aed0

chat.chatgptdemo.net Open in urlscan Pro 2606:4700:3032::ac43:aa6a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

90 %HTTPS

73 %IPv6

22 Domains

28 Subdomains

22 IPs

6 Countries

1136 kBTransfer

3099 kBSize

14 Cookies

3 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chat.chatgptdemo.net Open in urlscan Pro
2606:4700:3032::ac43:aa6a Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

90 %
HTTPS

73 %
IPv6

22
Domains

28
Subdomains

22
IPs

6
Countries

1136 kB
Transfer

3099 kB
Size

14
Cookies

88 HTTP transactions
1 data transactions