weeklyad-target.com Open in urlscan Pro
89.187.188.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://target-weeklyad.com/
Effective URL:
https://weeklyad-target.com/
Submission: On November 06 via manual (November 6th 2023, 8:25:43 pm UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 113 HTTP transactions. The main IP is 89.187.188.221, located in Prague, Czech Republic and belongs to CDN77 ^_^, GB. The main domain is weeklyad-target.com.
TLS certificate: Issued by R3 on October 31st 2023. Valid for: 3 months.

This is the only time weeklyad-target.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.105.110.5 185.105.110.5	210079 (EUROBYTE) (EUROBYTE)
28	89.187.188.221 89.187.188.221	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3 17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
113	14

1 185.105.110.5 (Moscow, Russian Federation) 1 redirects

ASN210079 (EUROBYTE, RU)
PTR: isp102.mchost.ru

target-weeklyad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 89.187.188.221 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-188-221.cdn77.com

weeklyad-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	578 KB
28	weeklyad-target.com weeklyad-target.com	2 MB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	150 KB
8	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	925 B
8	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8755	3 KB
6	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	53 KB
5	gstatic.com p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com www.gstatic.com	19 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	238 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4034	70 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	1 KB
1	target-weeklyad.com 1 redirects target-weeklyad.com	263 B
113	12

	Domain	Requested by
28	weeklyad-target.com	weeklyad-target.com
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	weeklyad-target.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	mc.yandex.com	3 redirects weeklyad-target.com mc.yandex.ru
6	www.googleadservices.com	weeklyad-target.com
6	www.google.com	4 redirects pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	mc.yandex.ru	1 redirects weeklyad-target.com
3	fonts.googleapis.com	weeklyad-target.com googleads.g.doubleclick.net
2	p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com
2	partner.googleadservices.com	pagead2.googlesyndication.com www.google.com
1	cdnjs.cloudflare.com	weeklyad-target.com
1	target-weeklyad.com	1 redirects
113	15

This site contains no links.

Subject Issuer	Validity	Valid
weeklyad-target.com R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://weeklyad-target.com/
Frame ID: 3C6DA5E377DC6A55C082DC7654E267F0
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup.html
Frame ID: AD2575E41E3C735739BE7348ECAFFA21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7408273427966569&output=html&adk=1812271804&adf=3025194257&lmt=1699302337&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fweeklyad-target.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699302337625&bpp=12&bdt=470&idt=308&shv=r20231102&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3629208944729&frm=20&pv=2&ga_vid=681437200.1699302338&ga_sid=1699302338&ga_hid=537988960&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44798934%2C44801779%2C44807048%2C44807455%2C31078301%2C44807751&oid=2&pvsid=2897759546739106&tmod=2123925389&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=328
Frame ID: 46AE640EA68CF8B93FD5C49548CC7802
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7408273427966569&output=html&h=280&adk=2419770160&adf=3955570658&pi=t.aa~a.1043414356~rp.1&w=947&fwrn=4&fwrnh=100&lmt=1699302337&rafmt=1&to=qs&pwprc=3114290301&format=947x280&url=https%3A%2F%2Fweeklyad-target.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699302337637&bpp=2&bdt=482&idt=323&shv=r20231102&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3629208944729&frm=20&pv=1&ga_vid=681437200.1699302338&ga_sid=1699302338&ga_hid=537988960&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=327&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44798934%2C44801779%2C44807048%2C44807455%2C31078301%2C44807751&oid=2&pvsid=2897759546739106&tmod=2123925389&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=hYusVy1Ls0&p=https%3A//weeklyad-target.com&dtd=326
Frame ID: F388639C216B0D5B295F4D7AE02B43F1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3AEDF0488A77060A4EF6D19058E58ABF
Requests: 2 HTTP requests in this frame

Frame: https://p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 238C4860062C13BB5F2F58F15E6FB533
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Frame ID: 40537C6A50CD43273CFC686F6155E59D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Frame ID: E051A9F064895EAC362EF16FD2AAA71F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Frame ID: 767E3229E0EE1575AC34B9AEB2D19AA0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BDC95C9DC0BDEF0FECDA6BD4046129B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ACE9E3D177A4ADAB075B49B1FB0654B6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 8D50F6CADB95442F1B12D3F6BF516A8F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3FFF69C6AECFC5AD8E59F2695F9FB7B2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 977123D5613A0FE67C9828A7C1ACC296
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 2F848B23FE321599E2B08EFEA59664BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 496052141CD509DCA9399AC23A1472C5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 60A3DD99158B3A2B0F6611556A82C0ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9F43D4016A1E26FAD7E40493F960DACA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5CC5A271EE51FC287D480D61D2F2BCF6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Target Ads | ⚡️ Weekly Ad Preview

Page URL History Show full URLs

http://target-weeklyad.com/ HTTP 301
https://weeklyad-target.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

113
Requests

96 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

2790 kB
Transfer

4865 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://target-weeklyad.com/ HTTP 301
https://weeklyad-target.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10172.JDVSBEsjIc_8w1ITL9S4xP1NFYhhGlRb8ydU_TY0wXbjCbL_4INwx2luiIXrjlzm.esCUl_NXTqWu9LeRVnCqX3P-uHE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10172.XjjK_ASMqQwMR27UuG1WRsx68YBQj-Ky1WepASfXCKB17OvpUl9VKvl3oad7u0zJwpqH83MWl9XLDXeFklY7gV6S4hc7bhN9og33BvlDTOOBik1dA-hOdUja6YEHEF9iV25MK7PyX_hSjD-69OPC1wK7jU2TcNSja0waSOshciwTA5iyT6Nc01vgfsiUeRP6X1L8suzsinhw6ARsAgtCyNs8tlWPfFaA5Z7jV6ngIDI%2C.faoD6FTcHyaEtcf3vL26rYstOCc%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Rrr-M3QaXzENrQYWUanyo9-pn-UI2IcRzldgn2tcN6xDSqM--FpgHZ9l4_-OqCa6GngJN9-E3YCHd8S0zpw2Qnn153n5KyBvjNuSj8MYRxFhsYoGLbOV1ij42ea6MIXnZokt-XIJ7eNDueTQfulpdXzZCL_XuXqsnVDYCE41WxYuFr44_REWszUBNJ-SoHOIVz49xnv9IiCv1wj4nwQsGw%2C%2C.IGslyfP5mpGsLggU9-9GRhLtqVg%2C

Request Chain 38

https://mc.yandex.com/watch/90737997?wmode=7&page-url=https%3A%2F%2Fweeklyad-target.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1277%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A1667910264179%3Ahid%3A122460479%3Az%3A60%3Ai%3A20231106212537%3Aet%3A1699302338%3Ac%3A1%3Arn%3A318933462%3Arqn%3A1%3Au%3A1699302338771661257%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C84%2C253%2C39%2C407%2C0%2C%2C293%2C1%2C%2C%2C%2C1313%3Aco%3A0%3Acpf%3A1%3Ans%3A1699302336208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699302338%3At%3ATarget%20Ads%20%7C%20%E2%9A%A1%EF%B8%8F%20Weekly%20Ad%20Preview&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/90737997/1?wmode=7&page-url=https%3A%2F%2Fweeklyad-target.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1277%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A1667910264179%3Ahid%3A122460479%3Az%3A60%3Ai%3A20231106212537%3Aet%3A1699302338%3Ac%3A1%3Arn%3A318933462%3Arqn%3A1%3Au%3A1699302338771661257%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C84%2C253%2C39%2C407%2C0%2C%2C293%2C1%2C%2C%2C%2C1313%3Aco%3A0%3Acpf%3A1%3Ans%3A1699302336208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699302338%3At%3ATarget%20Ads%20%7C%20%E2%9A%A1%EF%B8%8F%20Weekly%20Ad%20Preview&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://googleads.g.doubleclick.net/pagead/adview?ai=C0X91wktJZanQB9nBvcAPmpe92AqRjImHdPyG-JW3Eu6_i6nePBABIMyb5G9glYKAgKAHoAH75N-YA8gBAqkCIqxay4EIsj6oAwHIA8kEqgTWAU_QZ2mihYfFY8SUXZmr2HYiQot1W9oiisQWBWL5_dhfYwWkhWmav6Op4lRxw4uuCj7N2eLQ_9nn336uTBXeF38k6xxk2fVZmP934zCx6LVU1GiDuyaZUZWOx5tTwremdXbH_iSqHlUrKeIORNVAqA7b8WGKQJ1CWq2Um_GRoawTXDJXF1zt0Gdr-0_RiDO3hXR88sC1yVNHQ_-U3RyCcfxTa7u4QE_WwSYrXTJr24NuZoJedoTHUClX5KRmMjOD0lZ3S5_Zy6yeBguBxo375encC_ylvuvABLXiwcitBIgF9ojrr0uSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH7ZqgZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJDhEdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCfIBaHR0cHM6Ly93d3cuZW5wYWwuZGUvYXJ0aWtlbDIvc29sYXJhbmxhZ2VuLXZpZWxlLWhhdXNiZXNpdHplci1tYWNoZW4tZGllc2VuLWZlaGxlcj91dG1fc291cmNlPUdvb2dsZSUyMERpc3BsYXkmdXRtX2NhbXBhaWduPTIwMjMyOTc5NTc0JnV0bV90ZXJtPTE0OTY3MDYyMTQ5MyZ1dG1fY29udGVudD02NzY5NDIzODMyODMmdXRtX3BsYWNlbWVudD13ZWVrbHlhZC10YXJnZXQuY29tJnV0bV9kZXZpY2U9YyZkZXZpY2Vtb2RlbD2ACgHICwGiDAwqCgoI5LSxAu61sQLYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzQwODI3MzQyNzk2NjU2ORgA&sigh=23oE_u9FB2c&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNBxpfwnoQpkrgR-wkuCV5hTCWpiBq1_gztL5D4TwjU8PJ6VXUGgbGLA1TDfOmxcoHN1PDIY-c9pCZ43WHpxHduGlJtP6ZeUgYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212021079163319524249%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215250065607239743025%22}&andc=true

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 97

https://googleads.g.doubleclick.net/pagead/adview?ai=CYzA6wktJZb61B4isvcAP-aSzwA64m7uDdJS5m7i_Et7ZHhABIMyb5G9glYKAgKAHoAGG76uVAsgBAqgDAcgDyYSAgASqBM4BT9DysUnDAkVjQR70cTNaspIfXKRZuRcwfZ3DUsUd4U4e2H41hiniAQxq2ynN_bMx-f6OV0peLwBFhlYSLAZoA9orX3UJooM-5apSkI4JuLpJNrf-OnxEV9zXwpE5TvdQMkHvbditZqLKBKL-tkaKRdoEvNvt2nPLh_Bb96j7oG4uFJLZ7YKGpnN5syDgnvXX9yVIIPgHf_etX66_mU_58vz8bbvOer8Mn5Umu83WjNH7btKczP-XjjVso7GQ02z6FGKN5M-y7rdS9-AdYErABIjTldfJBIgFofDrgE2SBQQIBBgBkgUECAUYBKAGAoAH4pDU6gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDf_hPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgmcAWh0dHBzOi8vd3d3LmNvdG9zZW4uY29tL2FjdGl2aXR5L2hvdC1zYWxlLTY4MTEvP3RzcHU9U1AyMzEwMTEwSUU1LFNQMjMxMDMxT0U3TixTUDIyMTIxM09BS1YsU1AyMzA5MTNVQlkzLFNQMjMxMDIzMzVPVCxTUDIyMTIyMlFETUQsU1AyMzA3MjBLTEhQLFNQMjMwMjIyQ1NEMIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi03NDA4MjczNDI3OTY2NTY5GAA&sigh=IZ0vxzJjpfU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNm7hvT1YmUSbT7AfO6Mgr7Pnt84QltS_4ycYLUIQyT30d_xtJRGOlNHpQu05v-bRK_2dojDR-vKtrK0fQkkvp98fy5XfvcBAYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212926747729942500497%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581629830%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210935735540551600193%22}&andc=true

Request Chain 98

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvt0OwktJZb-1B4isvcAP-aSzwA6c9Nb7c-PulpmeEtu95frHJRABIMyb5G9glYKAgKAHoAGYqo61AcgBAqkCIqxay4EIsj6oAwHIA8mEgIAEqgTOAU_QYFfecXqWyrIXnJuZ4Myd0DtoppVLkZ21nY45TB6rE1V8XjrsxhQvMdhkZkPjYiidRnlT5p45CTY-yJIUGdHeRgaC5ZpeZPpJvlwHUICiMlzfQgl25KLThziSvRUL54Vfvbv5j45ffaEhBWM59cS-69wQDQfMbfQsdrvq1s1jprIwHSszfCrDu2JIO4EKOIYjdogzJwFSapEGeD05hl4uuVqjGvVwGVVck2VsL-XbREDeKBtV3CcH8yvMOGL4Z1TWY3I1vit_ph4lqqY3wAS3yZ7exAOIBcqPqeIwkgUECAQYAZIFBAgFGASgBgKAB6vk8coCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQybQE0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJL2h0dHBzOi8vd3d3LmdyYXZpcy5kZS9LYXRhbG9nL0dSQVZJUy1BYm8vYy8wODg3gAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTc0MDgyNzM0Mjc5NjY1NjkYAA&sigh=8l03_x3Fnc4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNm7hvT1YmUSbT7AfO6Mgr7Pnt84QltS_4ycYLUIQyT30d_xtJRGOlNHpQu05v-bRK_2dojDR-vKtrK0fQkkvp98fy5XfvcBAYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22403841799625122772%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379819288%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214207646826640588033%22}&andc=true

113 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
weeklyad-target.com/
Redirect Chain

http://target-weeklyad.com/
https://weeklyad-target.com/

56 KB
56 KB

525ms
253ms

Document
text/html

89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weeklyad-target.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-188-221.cdn77.com

Software

nginx / PHP/8.1.21

Resource Hash

9867f40bcd49431d3af516b2057135e67fc654d78389a456f389376a4ed18fd9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Mon, 06 Nov 2023 20:25:37 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.21

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 06 Nov 2023 20:25:36 GMT
Location: https://weeklyad-target.com/
Server: nginx/1.14.1
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 rating.min.css
weeklyad-target.com/media/plg_content_vote/css/ 561 B
680 B 45ms
41ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/plg_content_vote/css/rating.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: bff9085ada5bc246c3c7727f117a2e3c124c0434746899b55790027017bea2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-231"
content-length: 561
content-type: text/css

GET
H2 200 colors_standard.min.css
weeklyad-target.com/media/templates/site/cassiopeia/css/global/ 106 B
225 B 45ms
42ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/templates/site/cassiopeia/css/global/colors_standard.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 0c6bca37f5f8ae0c1ee85f51bfbdb2c39d67cccae7cae3156df2ed7727c5204c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-6a"
content-length: 106
content-type: text/css

GET
H2 200 template.min.css
weeklyad-target.com/media/templates/site/cassiopeia/css/ 239 KB
240 KB 46ms
42ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/templates/site/cassiopeia/css/template.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 1f490b804d1df28160dae4a43f1196353f8545c94a688f31df6d6ae045225a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-3bcfb"
content-length: 244987
content-type: text/css

GET
H2 200 my.css
weeklyad-target.com/media/templates/site/cassiopeia/css/ 7 KB
8 KB 89ms
86ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/templates/site/cassiopeia/css/my.css?2354f9bae0478e1d9de7ea9fcb7630c4
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: a518a1f0b68e49bfc64f21ed58600f7be19ca85d08f6266842cf97d69de02f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-1d8f"
content-length: 7567
content-type: text/css

GET
H2 200 joomla-alert.min.css
weeklyad-target.com/media/templates/site/cassiopeia/css/vendor/joomla-custom-elements/ 6 KB
6 KB 89ms
86ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/templates/site/cassiopeia/css/vendor/joomla-custom-elements/joomla-alert.min.css?0.2.0
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 84cf690af7c195322f4655f9b2a888410fda62f076fdd930dccf43d0d11a3686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-18ed"
content-length: 6381
content-type: text/css

GET
H2 200 ampz.min.css
weeklyad-target.com/plugins/system/ampz/ampz/css/ 80 KB
81 KB 89ms
87ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/plugins/system/ampz/ampz/css/ampz.min.css
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 3b08d0d730f2a5975ff18686c991957b4da42068930ef2373057199bb60214a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:28 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b0-1416b"
content-length: 82283
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 96ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

171b53ac6c2b6c6465d43bf526ad79f892551eef87d62385642c08b8d2122038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 20:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 18:40:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 20:25:37 GMT

GET
H2 200 jquery.min.js Show response
weeklyad-target.com/media/vendor/jquery/js/ 87 KB
88 KB 89ms
87ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/vendor/jquery/js/jquery.min.js?3.6.0
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-15d9d"
content-length: 89501
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-noconflict.min.js Show response
weeklyad-target.com/media/legacy/js/ 26 B
165 B 89ms
87ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/legacy/js/jquery-noconflict.min.js?04499b98c0305b16b373dff09fe79d1290976288
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 47084350921ff4f9e4908afef36723b84de4247eaf51c403950638b9126c8f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-1a"
content-length: 26
content-type: application/javascript; charset=UTF-8

GET
H2 200 core.min.js Show response
weeklyad-target.com/media/system/js/ 8 KB
8 KB 90ms
88ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/system/js/core.min.js?3b2c7481f479d57ca6a59403341a2e378a288779
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 8155c3ca7c6952e262fc67bb872a4e516aea71d681b7d9ae94f9da69cfe506ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-1e01"
content-length: 7681
content-type: application/javascript; charset=UTF-8

GET
H2 200 template.min.js Show response
weeklyad-target.com/media/templates/site/cassiopeia/js/ 836 B
977 B 45ms
45ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/templates/site/cassiopeia/js/template.min.js?2354f9bae0478e1d9de7ea9fcb7630c4
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 5838ce43b792853e87fdd8294bad15d73e4c9204b1e313ccb497f255cac6fbaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-344"
content-length: 836
content-type: application/javascript; charset=UTF-8

GET
H2 200 collapse.min.js Show response
weeklyad-target.com/media/vendor/bootstrap/js/ 5 KB
5 KB 90ms
88ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/vendor/bootstrap/js/collapse.min.js?5.1.3
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: ed121d4aa40f210e3317c9251e05c042e2051dfdd33b314fdd38ffe8f372b247

Request headers

Referer: https://weeklyad-target.com/
Origin: https://weeklyad-target.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-1536"
content-length: 5430
content-type: application/javascript; charset=UTF-8

GET
H2 200 messages.min.js Show response
weeklyad-target.com/media/system/js/ 5 KB
5 KB 133ms
132ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/system/js/messages.min.js?7425e8d1cb9e4f061d5e30271d6d99b085344117
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: d5d2e5ff36a371736c74fc21effdb456e0fd7ad1d7a93dd44a65e24c03e64b8b

Request headers

Referer: https://weeklyad-target.com/
Origin: https://weeklyad-target.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-152b"
content-length: 5419
content-type: application/javascript; charset=UTF-8

GET
H2 200 ampz.min.js Show response
weeklyad-target.com/plugins/system/ampz/ampz/js/ 43 KB
43 KB 133ms
132ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/plugins/system/ampz/ampz/js/ampz.min.js
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: d9ecb50b9bc5e64a483ca1f1b4356fb7c29bc52b1faba2d5a81e0da288a06d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:28 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b0-aa83"
content-length: 43651
content-type: application/javascript; charset=UTF-8

GET
H2 200 simple-lightbox.min.css
cdnjs.cloudflare.com/ajax/libs/simplelightbox/2.14.1/ 4 KB
1 KB 105ms
35ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simplelightbox/2.14.1/simple-lightbox.min.css

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ea7943d3556f181fbcd55dc74738bfc4366447510d488d80ad95171654c733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://weeklyad-target.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 577828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 843
last-modified: Tue, 01 Aug 2023 15:42:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c927f7-34b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zu06UgOd6eWVV%2BhdXa7wxEBbNM9M%2BVjQv%2BXoeE2YQPki0VsesPF4k7rlA3tZ2kTk4ro0mBTTj5fiPg7f%2BcTprm7sLUsLRdtM5BlDpJW4m3d8ZtKVWmt%2F4InoJGIXtsGKrkJj2mHPsxu8NRCB2%2FL%2Fd3r"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82201117c91a2c3e-FRA
expires: Sat, 26 Oct 2024 20:25:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 138ms
77ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7408273427966569

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8907fd91aa35152a570c7f6efb5362df7c04902ef8b986a679fd03da5d553277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Origin: https://weeklyad-target.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52489
x-xss-protection: 0
server: cafe
etag: 7512902526007004146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 20:25:37 GMT

GET
H2 200 logopng.png
weeklyad-target.com/images/ 1 KB
1 KB 44ms
43ms Image
image/png 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/logopng.png
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 6642eacbc52f1c139a64c0b1c97aa5aafb4b71dce2520963e9d19a7c9fb439f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:28 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b0-453"
content-length: 1107
content-type: image/png

GET
H2 200 joomla-alert.css
weeklyad-target.com/media/vendor/joomla-custom-elements/css/ 4 KB
5 KB 100ms
99ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/vendor/joomla-custom-elements/css/joomla-alert.css
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/media/templates/site/cassiopeia/css/vendor/joomla-custom-elements/joomla-alert.min.css?0.2.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 83eb83a8b38b12ca2a151b57f4f2c9707687c687d102d2b894e2e5586300f1b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/media/templates/site/cassiopeia/css/vendor/joomla-custom-elements/joomla-alert.min.css?0.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-11b8"
content-length: 4536
content-type: text/css

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
70 KB 248ms
83ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7a5f3f1905ea8c6d544c34970f19b2a17c5eaed192c74abfd9bd44641fcb27f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 02 Nov 2023 11:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "654389a2-11271"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70257
expires: Mon, 06 Nov 2023 21:25:37 GMT

GET
H2 200 1.jpg
weeklyad-target.com/images/2023/11/12-18/ 148 KB
148 KB 48ms
46ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/11/12-18/1.jpg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 22add9a89050bc1e76e400ccc7afaca326a09150ba9143eb98aa1a7a3ed16ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Fri, 06 Oct 2023 07:09:38 GMT
server: nginx
accept-ranges: bytes
etag: "651fb2b2-24f8f"
content-length: 151439
content-type: image/jpeg

GET
H2 200 1.jpg
weeklyad-target.com/images/2023/11/05-11/ 102 KB
102 KB 98ms
96ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/11/05-11/1.jpg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 01d5b946debea0eb99300564951b75bd0b03dfbbbc4f2ed41e52b217c76f2fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Sat, 04 Nov 2023 08:51:09 GMT
server: nginx
accept-ranges: bytes
etag: "654605fd-196f7"
content-length: 104183
content-type: image/jpeg

GET
H2 200 1.jpg
weeklyad-target.com/images/2023/10/29-04/ 98 KB
98 KB 143ms
141ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/10/29-04/1.jpg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: ddc5957eb6a8c2f4ce4a43ba54755fdd458333f2bb8b5dbd9d8644b7d1b2bf67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Sat, 28 Oct 2023 07:08:26 GMT
server: nginx
accept-ranges: bytes
etag: "653cb36a-186e5"
content-length: 100069
content-type: image/jpeg

GET
H2 200 1.jpg
weeklyad-target.com/images/2023/10/22-28/ 136 KB
137 KB 183ms
182ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/10/22-28/1.jpg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: fa59b115302abcbdb30fa09dbbdb976e87a1200b867dc75b1a6ce5c3d66d5c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Sat, 28 Oct 2023 06:57:45 GMT
server: nginx
accept-ranges: bytes
etag: "653cb0e9-22127"
content-length: 139559
content-type: image/jpeg

GET
H2 200 1.jpg
weeklyad-target.com/images/2023/10/15-21/ 114 KB
114 KB 183ms
182ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/10/15-21/1.jpg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 8efcca052b7247d2d9b669b889ff717178c922a62b0973800bb88eefea8e9177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Fri, 13 Oct 2023 18:21:10 GMT
server: nginx
accept-ranges: bytes
etag: "65298a96-1c8a7"
content-length: 116903
content-type: image/jpeg

GET
H2 200 1.jpg
weeklyad-target.com/images/2023/10/08-14/ 125 KB
125 KB 183ms
182ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/10/08-14/1.jpg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 26e6755e2753cf1474e5914c1076bcfc7b121464b867917e53f1f131b1d0818b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Fri, 06 Oct 2023 06:46:32 GMT
server: nginx
accept-ranges: bytes
etag: "651fad48-1f39b"
content-length: 127899
content-type: image/jpeg

GET
H2 200 1.jpg
weeklyad-target.com/images/2023/10/01-07/ 88 KB
89 KB 184ms
183ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/10/01-07/1.jpg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 405e274d9dc3a47349148e9b855abf32dd667752e5167ee76aab2f5a6d9ab454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:28 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b0-1615f"
content-length: 90463
content-type: image/jpeg

GET
H2 200 1.jpeg
weeklyad-target.com/images/2023/09/24-30/ 134 KB
134 KB 184ms
183ms Image
image/jpeg 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weeklyad-target.com/images/2023/09/24-30/1.jpeg
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: da22e053d078ae1b6b74ac314eb1ccafbad4236b6456ea737b1b6bb00f8669fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:28 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b0-21775"
content-length: 137077
content-type: image/jpeg

GET
H2 200 dom.min.js Show response
weeklyad-target.com/media/vendor/bootstrap/js/ 17 KB
17 KB 46ms
46ms Script
application/javascript 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/vendor/bootstrap/js/dom.min.js?5.1.3
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 87e9f6a3e72a69773835f122aedb937be771d038eb6a7e6fd32a1f72de343217

Request headers

Referer: https://weeklyad-target.com/media/vendor/bootstrap/js/collapse.min.js?5.1.3
Origin: https://weeklyad-target.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-4411"
content-length: 17425
content-type: application/javascript; charset=UTF-8

GET
H2 200 joomla-fontawesome.min.css
weeklyad-target.com/media/system/css/ 74 KB
74 KB 119ms
119ms Stylesheet
text/css 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/system/css/joomla-fontawesome.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/media/templates/site/cassiopeia/js/template.min.js?2354f9bae0478e1d9de7ea9fcb7630c4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 02a36ffc4f34c4c3f27d63ef1ddc5084aa944371e89f87e074debd6c678d42b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-1286e"
content-length: 75886
content-type: text/css

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
136 KB 205ms
140ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7408273427966569&plah=weeklyad-target.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7408273427966569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a665086259e61f6cee66eba144e3fea0cc1674aff783256662f902b26152770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138240
x-xss-protection: 0
server: cafe
etag: 12345352740611510894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 20:25:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/ Frame AD25 10 KB
5 KB 108ms
27ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7408273427966569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 23:46:34 GMT
etag: 251720774729838433
expires: Sun, 19 Nov 2023 23:46:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-solid-900.woff2
weeklyad-target.com/media/vendor/fontawesome-free/webfonts/ 76 KB
77 KB 184ms
183ms Font
application/octet-stream 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/media/system/css/joomla-fontawesome.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://weeklyad-target.com/media/system/css/joomla-fontawesome.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Origin: https://weeklyad-target.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-131bc"
content-length: 78268
content-type: application/octet-stream

GET
H2 200 fa-regular-400.woff2
weeklyad-target.com/media/vendor/fontawesome-free/webfonts/ 13 KB
13 KB 225ms
225ms Font
application/octet-stream 89.187.188.221
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://weeklyad-target.com/media/vendor/fontawesome-free/webfonts/fa-regular-400.woff2
Requested by: Host: weeklyad-target.com
URL: https://weeklyad-target.com/media/system/css/joomla-fontawesome.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.188.221 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-188-221.cdn77.com
Software: nginx /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer: https://weeklyad-target.com/media/system/css/joomla-fontawesome.min.css?2354f9bae0478e1d9de7ea9fcb7630c4
Origin: https://weeklyad-target.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
last-modified: Tue, 03 Oct 2023 11:23:29 GMT
server: nginx
accept-ranges: bytes
etag: "651bf9b1-33a8"
content-length: 13224
content-type: application/octet-stream

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10172.JDVSBEsjIc_8w1ITL9S4xP1NFYhhGlRb8ydU_TY0wXbjCbL_4INwx2luiIXrjlzm.esCUl_NXTqWu9LeRVnCqX3P-uHE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10172.XjjK_ASMqQwMR27UuG1WRsx68YBQj-Ky1WepASfXCKB17OvpUl9VKvl3oad7u0zJwpqH83MWl9XLDXeFklY7gV6S4hc7bhN9og33BvlDTOOBik1dA-hOdUja6YEHEF9iV25MK7PyX_...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Rrr-M3QaXzENrQYWUanyo9-pn-UI2IcRzldgn2tcN6xDSqM--FpgHZ9l4_-OqCa6GngJN9-E3YCHd8S0zpw2Qnn153n5KyBvjNuSj8MYRxFhs...

43 B
586 B

93ms
93ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Rrr-M3QaXzENrQYWUanyo9-pn-UI2IcRzldgn2tcN6xDSqM--FpgHZ9l4_-OqCa6GngJN9-E3YCHd8S0zpw2Qnn153n5KyBvjNuSj8MYRxFhsYoGLbOV1ij42ea6MIXnZokt-XIJ7eNDueTQfulpdXzZCL_XuXqsnVDYCE41WxYuFr44_REWszUBNJ-SoHOIVz49xnv9IiCv1wj4nwQsGw%2C%2C.IGslyfP5mpGsLggU9-9GRhLtqVg%2C

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:38 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Rrr-M3QaXzENrQYWUanyo9-pn-UI2IcRzldgn2tcN6xDSqM--FpgHZ9l4_-OqCa6GngJN9-E3YCHd8S0zpw2Qnn153n5KyBvjNuSj8MYRxFhsYoGLbOV1ij42ea6MIXnZokt-XIJ7eNDueTQfulpdXzZCL_XuXqsnVDYCE41WxYuFr44_REWszUBNJ-SoHOIVz49xnv9IiCv1wj4nwQsGw%2C%2C.IGslyfP5mpGsLggU9-9GRhLtqVg%2C
date: Mon, 06 Nov 2023 20:25:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
476 B 92ms
88ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:37 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 02 Nov 2023 11:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "654389a2-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 06 Nov 2023 21:25:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
609 B 216ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=weeklyad-target.com&callback=_gfp_s_&client=ca-pub-7408273427966569

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7408273427966569&plah=weeklyad-target.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a489ee135e750a26f6ceccdbe1e6bfe2d809d016effdc2a1ed02547fe6a5c9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46AE 469 KB
93 KB 1379ms
1378ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7408273427966569&output=html&adk=1812271804&adf=3025194257&lmt=1699302337&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fweeklyad-target.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699302337625&bpp=12&bdt=470&idt=308&shv=r20231102&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3629208944729&frm=20&pv=2&ga_vid=681437200.1699302338&ga_sid=1699302338&ga_hid=537988960&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44798934%2C44801779%2C44807048%2C44807455%2C31078301%2C44807751&oid=2&pvsid=2897759546739106&tmod=2123925389&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=328

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb1e79ceb9fa7edc451a496329a5c749d83f7258d72486b39ba8066194c1f697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 94912
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Mon, 06 Nov 2023 20:25:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F388 103 KB
39 KB 1337ms
1337ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7408273427966569&output=html&h=280&adk=2419770160&adf=3955570658&pi=t.aa~a.1043414356~rp.1&w=947&fwrn=4&fwrnh=100&lmt=1699302337&rafmt=1&to=qs&pwprc=3114290301&format=947x280&url=https%3A%2F%2Fweeklyad-target.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699302337637&bpp=2&bdt=482&idt=323&shv=r20231102&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3629208944729&frm=20&pv=1&ga_vid=681437200.1699302338&ga_sid=1699302338&ga_hid=537988960&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=327&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44798934%2C44801779%2C44807048%2C44807455%2C31078301%2C44807751&oid=2&pvsid=2897759546739106&tmod=2123925389&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=hYusVy1Ls0&p=https%3A//weeklyad-target.com&dtd=326

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8f636e7260c843745d2a567abe1578d56988546e617234df51803c5e191e972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Mon, 06 Nov 2023 20:25:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/90737997/
Redirect Chain

https://mc.yandex.com/watch/90737997?wmode=7&page-url=https%3A%2F%2Fweeklyad-target.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1277%3Afu%3A0%3Aen...
https://mc.yandex.com/watch/90737997/1?wmode=7&page-url=https%3A%2F%2Fweeklyad-target.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1277%3Afu%3A0%3A...

462 B
554 B

78ms
78ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90737997/1?wmode=7&page-url=https%3A%2F%2Fweeklyad-target.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1277%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A1667910264179%3Ahid%3A122460479%3Az%3A60%3Ai%3A20231106212537%3Aet%3A1699302338%3Ac%3A1%3Arn%3A318933462%3Arqn%3A1%3Au%3A1699302338771661257%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C84%2C253%2C39%2C407%2C0%2C%2C293%2C1%2C%2C%2C%2C1313%3Aco%3A0%3Acpf%3A1%3Ans%3A1699302336208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699302338%3At%3ATarget%20Ads%20%7C%20%E2%9A%A1%EF%B8%8F%20Weekly%20Ad%20Preview&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d3b572dca7587367f350989f870a3cee25e88219bb9469ae41f099e5d8c9583a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 06-Nov-2023 20:25:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://weeklyad-target.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 462
x-xss-protection: 1; mode=block
expires: Mon, 06-Nov-2023 20:25:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:38 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 06-Nov-2023 20:25:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90737997/1?wmode=7&page-url=https%3A%2F%2Fweeklyad-target.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1277%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A1667910264179%3Ahid%3A122460479%3Az%3A60%3Ai%3A20231106212537%3Aet%3A1699302338%3Ac%3A1%3Arn%3A318933462%3Arqn%3A1%3Au%3A1699302338771661257%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C84%2C253%2C39%2C407%2C0%2C%2C293%2C1%2C%2C%2C%2C1313%3Aco%3A0%3Acpf%3A1%3Ans%3A1699302336208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699302338%3At%3ATarget%20Ads%20%7C%20%E2%9A%A1%EF%B8%8F%20Weekly%20Ad%20Preview&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://weeklyad-target.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 06-Nov-2023 20:25:38 GMT

GET
H2 200 4192163212744338144
tpc.googlesyndication.com/simgad/ Frame F388 32 KB
32 KB 138ms
59ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4192163212744338144?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkWjWNjwI2mwbaFKhmRKsT-ki_cZA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7408273427966569&output=html&h=280&adk=2419770160&adf=3955570658&pi=t.aa~a.1043414356~rp.1&w=947&fwrn=4&fwrnh=100&lmt=1699302337&rafmt=1&to=qs&pwprc=3114290301&format=947x280&url=https%3A%2F%2Fweeklyad-target.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699302337637&bpp=2&bdt=482&idt=323&shv=r20231102&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3629208944729&frm=20&pv=1&ga_vid=681437200.1699302338&ga_sid=1699302338&ga_hid=537988960&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=327&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44798934%2C44801779%2C44807048%2C44807455%2C31078301%2C44807751&oid=2&pvsid=2897759546739106&tmod=2123925389&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=hYusVy1Ls0&p=https%3A//weeklyad-target.com&dtd=326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

072e747fa707480915e3db2d2ab8453c0b2502a78e297d5d13894d2759d4ee14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:34:42 GMT
x-content-type-options: nosniff
age: 535857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32262
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 10:52:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 15:34:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame F388 23 KB
9 KB 129ms
54ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AED 143 B
166 B 33ms
29ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7408273427966569&output=html&h=280&adk=2419770160&adf=3955570658&pi=t.aa~a.1043414356~rp.1&w=947&fwrn=4&fwrnh=100&lmt=1699302337&rafmt=1&to=qs&pwprc=3114290301&format=947x280&url=https%3A%2F%2Fweeklyad-target.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699302337637&bpp=2&bdt=482&idt=323&shv=r20231102&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3629208944729&frm=20&pv=1&ga_vid=681437200.1699302338&ga_sid=1699302338&ga_hid=537988960&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=327&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44798934%2C44801779%2C44807048%2C44807455%2C31078301%2C44807751&oid=2&pvsid=2897759546739106&tmod=2123925389&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=hYusVy1Ls0&p=https%3A//weeklyad-target.com&dtd=326
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 238C 247 B
871 B 158ms
44ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

51216b2a97e896b369a53aa84ee9cbe0af89cc239d722869fcd767fe2db8f805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 206
content-security-policy-report-only: script-src 'nonce-1xP9kSb37HzEd3PHCe6W8Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame F388 3 KB
1 KB 123ms
51ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame F388 20 KB
9 KB 101ms
28ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F388 189 KB
60 KB 113ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame F388 36 KB
14 KB 103ms
33ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

136c97d87f43be3cdb767fe66e186451f4baf023eb8c5fa6f878b5df65c55aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:30:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14677
x-xss-protection: 0
server: cafe
etag: 12865259350941128865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:30:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AED
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Mon, 06 Nov 2023 20:25:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 160 KB
55 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65ab3301a5b8b73da91f8313fead3a942ed6c40d613091dbd8bf7930c0b20f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55827
x-xss-protection: 0
server: cafe
etag: 12178111449064831393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H2 200 async-ads.js Show response
www.google.com/adsense/search/ 143 KB
53 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae749b488b1d7f7e2621eb1d08996ccee24efb0cc20d00fcfa935ddf2ee6eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "13733313648079134305"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31079347%2C44798934%2C44801779%2C44807048%2C44807455%2C31078301%2C44807751&hl=en&pvc=2897759546739106

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=AUTO_PROSE_BOTTOM_ANCHOR&vpt=DESKTOP&pvc=2897759546739106

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F388 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bd63ce2cdd4ad1d4717c0095da34a5377c52b9f84c79482a2f1f33cce99c2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 238C 5 KB
2 KB 46ms
44ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

6d1a8d81f7c8b7992f65b568a095b5150af2046aa5d5b2a0fb4b9d0b2db6e4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-SFW2YhF4wLU-STPaBgdjZg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 65ms
63ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7408273427966569&plah=weeklyad-target.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://weeklyad-target.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/ Frame 4053 10 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 08:53:41 GMT
etag: 251720774729838433
expires: Mon, 20 Nov 2023 08:53:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/ Frame E051 10 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 08:53:41 GMT
etag: 251720774729838433
expires: Mon, 20 Nov 2023 08:53:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/ Frame 767E 10 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 08:53:41 GMT
etag: 251720774729838433
expires: Mon, 20 Nov 2023 08:53:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 392 B
316 B 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=weeklyad-target.com&client=partner-pub-7408273427966569&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f19afa3820201650dfa37e32c8659ad98d22e243458ea79bde5c885c115c186d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4053 4 KB
767 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 20:09:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4053 205 B
519 B 134ms
46ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 07:29:06 GMT
x-content-type-options: nosniff
age: 46593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Nov 2024 07:29:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4053 604 B
696 B 134ms
47ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:38 GMT
x-content-type-options: nosniff
age: 370501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Nov 2024 13:30:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 4053 16 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87cb3f981317ccf5ad632f64e531aa7da8d49571127cfa1f142483a085f89d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 05:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 15318980762987274547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 05:03:53 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 4053 21 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:24:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame E051 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BDC9 143 B
166 B 42ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame E051 3 KB
1 KB 41ms
36ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame E051 20 KB
8 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H2 200 10695658051435942067
tpc.googlesyndication.com/daca_images/simgad/ Frame E051 42 KB
42 KB 43ms
40ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10695658051435942067

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba384f5570149e81b75dd69d76cf22ac2c11a6a82f1ea7a610efc323f184d7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:09:04 GMT
x-content-type-options: nosniff
age: 465395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43281
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 09:28:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 11:09:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E051 189 KB
59 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame E051 36 KB
14 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

136c97d87f43be3cdb767fe66e186451f4baf023eb8c5fa6f878b5df65c55aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:30:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14677
x-xss-protection: 0
server: cafe
etag: 12865259350941128865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:30:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 767E 23 KB
9 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ACE9 143 B
166 B 42ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 767E 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 767E 20 KB
8 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H2 200 10474157366693272437
tpc.googlesyndication.com/simgad/ Frame 767E 11 KB
11 KB 73ms
72ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10474157366693272437?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnVJKu6kIjgNtIU7P2WqrB5xaXNOg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dc21119f812ecfd1d526d9c25a61c7fcdde472cf5578167f2a1b474cd16df10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:12:59 GMT
x-content-type-options: nosniff
age: 29560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10948
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:31:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Nov 2024 12:12:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 767E 189 KB
59 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 767E 36 KB
14 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

136c97d87f43be3cdb767fe66e186451f4baf023eb8c5fa6f878b5df65c55aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:30:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14677
x-xss-protection: 0
server: cafe
etag: 12865259350941128865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:30:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F388
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0X91wktJZanQB9nBvcAPmpe92AqRjImHdPyG-JW3Eu6_i6nePBABIMyb5G9glYKAgKAHoAH75N-YA8gBAqkCIqxay4EIsj6oAwHIA8kEqgTWAU_QZ2mihYfFY8SUXZmr2HYiQot1W9oiisQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212021079163319524249%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%222...

0
0

147ms
74ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212021079163319524249%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215250065607239743025%22}&andc=true

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12021079163319524249","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"15250065607239743025"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 20:25:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 20:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12021079163319524249","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"15250065607239743025"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D50 50 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:42:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3FFF 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 19:51:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 3FFF 2 KB
903 B 40ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:02:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 3FFF 23 KB
9 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9771 143 B
166 B 36ms
34ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 3FFF 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 3FFF 20 KB
8 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FFF 189 KB
59 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 20:25:39 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 3FFF 36 KB
15 KB 58ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:58:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BDC9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
49ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Mon, 06 Nov 2023 20:25:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ACE9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
49ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Mon, 06 Nov 2023 20:25:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 184ms
79ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 20:25:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9771
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
49ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
expires: Mon, 06 Nov 2023 20:25:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E051 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f3953550464d450d3b862e7518256fc1d5298131b3fa000893572973388c48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 767E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f1d4e2f678223581ff79be31c0af04a9c7a498546cfb2ae3c3193a5367e9f16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F84 50 KB
19 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:42:02 GMT

GET
H3 200 QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4960 50 KB
19 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:42:02 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 79ms
78ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231102&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96ab81605f9e1083dbf398921ea897401679971c2794daa06bdca4176ae510b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12258
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E051
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CYzA6wktJZb61B4isvcAP-aSzwA64m7uDdJS5m7i_Et7ZHhABIMyb5G9glYKAgKAHoAGG76uVAsgBAqgDAcgDyYSAgASqBM4BT9DysUnDAkVjQR70cTNaspIfXKRZuRcwfZ3DUsUd4U4e2H4...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212926747729942500497%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%...

0
0

78ms
77ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212926747729942500497%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581629830%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210935735540551600193%22}&andc=true

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12926747729942500497","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581629830"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"10935735540551600193"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 20:25:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 20:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12926747729942500497","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581629830"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"10935735540551600193"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 767E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvt0OwktJZb-1B4isvcAP-aSzwA6c9Nb7c-PulpmeEtu95frHJRABIMyb5G9glYKAgKAHoAGYqo61AcgBAqkCIqxay4EIsj6oAwHIA8mEgIAEqgTOAU_QYFfecXqWyrIXnJuZ4Myd0DtoppV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22403841799625122772%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%2225...

0
0

78ms
78ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22403841799625122772%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379819288%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214207646826640588033%22}&andc=true

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"403841799625122772","debug_reporting":true,"destination":"https://gravis.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379819288"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"14207646826640588033"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 20:25:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 20:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"403841799625122772","debug_reporting":true,"destination":"https://gravis.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379819288"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"14207646826640588033"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js Show response
pagead2.googlesyndication.com/bg/ Frame 60A3 50 KB
19 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js

Requested by

Host: weeklyad-target.com
URL: https://weeklyad-target.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:42:02 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
85ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 20:25:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
86ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 20:25:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 20:25:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F43 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 09:40:27 GMT
expires: Tue, 05 Nov 2024 09:40:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5CC5 829 B
559 B 44ms
43ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

572b63ae3d73caaf3aa9d93b8140b972dc395fa3773555e388284cad4495713d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e2ZlqsAb2Sgt3AeE8HWPcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weeklyad-target.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-e2ZlqsAb2Sgt3AeE8HWPcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 20:25:40 GMT
expires: Mon, 06 Nov 2023 20:25:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F43 38 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 18:13:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5CC5 0
0 64ms
64ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231102&jk=2897759546739106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9F43 0
10 B 29ms
28ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bqUXeA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:25:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F388 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ_ybIv3qpsJrAQ-cneTdccge_Kdbcf8pmVgeuXWE6TECV6tm1GfuYuWOXT1PPg1fX2mKLD9Atps8NVEKJNUVKN-1FBnNUMEtnzR44z7e4qJyR-ikaDa5acgLGnHlihNHyL8AdLgRP3d-u&sai=AMfl-YT-JP-PTAMh5PfTY5SePf6lHiDLFSp7LV-3j0aqpEiEopjw9R2wr_8NEOAqeQcD8ymyHl56e_VDr35ntMT9XkRt3m79cYOKaYpSagPiS_vp69B42pdokTbmGwLNUue1R0bkymCVq22OsHoc8w&sig=Cg0ArKJSzEDPjB1ZBs5gEAE&cid=CAQSTADICaaNBxpfwnoQpkrgR-wkuCV5hTCWpiBq1_gztL5D4TwjU8PJ6VXUGgbGLA1TDfOmxcoHN1PDIY-c9pCZ43WHpxHduGlJtP6ZeUgYAQ&id=lidar2&mcvt=1000&p=0,0,244,947&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2419770160&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699302337963&rpt=1559&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231102&jk=2897759546739106&bg=!WlmlWRbNAAb4oU7C2KE7ADQBe5WfONDjkCclPOzPCb9rvq5iQxonQQWerF9Y70iX-38ueRwipDngwgVyTbno4Nmt42qoAgAAAD1SAAAACGgBBwoANxFpgagXDDJU4NVGEN1dhg1slvfMfU5BhgeLJZVmZzPWPrtJOh601XhyL8fOdW3WZwl4bH1tcqGZAvF9mq9CmC7ffrCuVM8IcCead_gqNupxmuIP2mhk0T62o4aAyYUY8pZV0p9uGhEi2Cu_crucatKA8QXRt9yqJrKpm3qISgKt-GyCCw0QKAp25ygyoOHL-uZmVVudQ5K0RVTAPRy-soiXjZeRk23tRk-rcs3jiXT-OcXxgYoYLcpkFOS5pL4i4GRYSh9bNjOIgdTZ0UCPr5K6xoliNUbtrusYNEY6lomjWKHq14P6AkAAvhNXZ-MGT5Zh_K41MmffqESF7OPqmKi3QZg8z2ShS2ooU0UU34UQ7pkQPav-SJ5ple6-IHKcycfqKmFB09SHiTWLNtHcjAKsj1mwL070yzZLWpmSq4YC34pZfMwScmDSbQMSwcCpldKGkpJOZnqBplUw7MVXGmNxbcgaCfOeWpDYbKu5uslXGFma6iBV7Hjv9WDsk_INjug6VlXahMeSTV15EXM-ZyqwsoxamRiOn1D-Q3lf8Pt7o-_VWBtXpo1t5ZojPvapAwMnKm3kgbcI0VzO2h7p8wr1G4Y8hcraxSFeQQr-ApKGiXrQ1B-anxk_1hcaAkwvrlhVlrlZRyEP3MidDFncX3YgpVcYMpF4BrX1RPn6StDy8vKKYHXsdRsotishf7uKqEG7QFmKA_wEqDXIvkwYpIEnf7SEnxum1SHPlwFpV8djkIdJWWTgts26zBSc_9Fq5dcfoQlGgLxBtUsIh5TN5i6DGk01UzSYWCtXqxHVED5AG42c_uvKLCv0kVGx5nqYMC6Zk6qEpUmkBN99I_WrRBEv46HMAB_i2vf2spWWA3GpzuuLbdQqv6BEgXoPlTrm3Xazql9OHYKiDJjMPl_iYsMPCjWFUxRMuLh_B1rTocY2XJUzS_6zUkj9m26ly5TG8XPzn9qM7eUSkKYuTaDqguamYH9UgVITiKlE-JXIrNSF5FRaoAXR1G8E3u7W_oC8XMss3D79w5cD9XjSxk3TmJHItyzWd8WZZlUJnWyiRQg8uHWOBENJrI-VaZE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weeklyad-target.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 767E 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3pwIPEB8Zc5hyMyIsvbcgFrRvi3NjEGdBosk23oSN2ISRXf41GzzIvT3cB247nUFi-lct0G5x4NFRI2nHqBLAKnNcnQ9sbioePhS-7v35PDyQum2HlgKcfWWgwMgMCjUDLnFTGKPBVMub4CV1225UElHM8j5PtfndIoWGR_9q&sai=AMfl-YRgZjgSnG26wYB7Tz9orzZ-BHmWQLu2IOKPmTKjZOYIcZR3_38YVFHPwfGmdI28uXlOm_sfBA55uJ7ybJuOU6rc9EawOHjJpSezHqoUfS8Mbkih9Y4CBZldbpMYIuY-ctMYw3zD8LmNsJEw6g&sig=Cg0ArKJSzP3kGmvp0s-lEAE&cid=CAQSTADICaaNm7hvT1YmUSbT7AfO6Mgr7Pnt84QltS_4ycYLUIQyT30d_xtJRGOlNHpQu05v-bRK_2dojDR-vKtrK0fQkkvp98fy5XfvcBAYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699302339564&rpt=198&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E051 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumCST3IV4V50oIT59OtW4VYLSMx8FA3vzwXC51bIAxhcJk7p-YLoLIhfImOf59xtWISXiURNtXXNcH4_WM4JVikNQ_88oJN32j-AYTvbt99jU_ud5cClylGUwh0GmllWeJRIioarkI8rai&sai=AMfl-YSSFOUfLYMsdIz36s-79bdDLxcb1V-yoww7JciF6rJ0-iI4bBwP8oYDcSGh5sZtTvf6inNlhhJYmp56k_glt8edPMrwk0mnie5Pkf_xVAGrHhIauOq2ZqhbUnNFZ4-Kwy8h9R-cIl3QoYZK-A&sig=Cg0ArKJSzJD2P_yKgBKHEAE&cid=CAQSTADICaaNm7hvT1YmUSbT7AfO6Mgr7Pnt84QltS_4ycYLUIQyT30d_xtJRGOlNHpQu05v-bRK_2dojDR-vKtrK0fQkkvp98fy5XfvcBAYAQ&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699302339562&rpt=165&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 90737997
mc.yandex.com/webvisor/ 43 B
0 299ms
149ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/90737997?wv-part=1&wmode=0&wv-hit=122460479&page-url=https%3A%2F%2Fweeklyad-target.com%2F&rn=845541503&wv-type=7&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1699302341%3Aw%3A1600x1200%3Av%3A1150%3Az%3A60%3Ai%3A20231106212541%3Au%3A1699302338771661257%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Ast%3A1699302341&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weeklyad-target.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:41 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 06-Nov-2023 20:25:41 GMT
content-type: image/gif
access-control-allow-origin: https://weeklyad-target.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 06-Nov-2023 20:25:41 GMT

POST
H2 200 90737997
mc.yandex.com/webvisor/ 43 B
0 77ms
77ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/90737997?wv-part=1&wmode=0&wv-hit=122460479&page-url=https%3A%2F%2Fweeklyad-target.com%2F&rn=768719094&wv-type=7&browser-info=we%3A1%3Aet%3A1699302341%3Aw%3A1600x1200%3Av%3A1150%3Az%3A60%3Ai%3A20231106212541%3Au%3A1699302338771661257%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Ast%3A1699302341&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weeklyad-target.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:41 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 06-Nov-2023 20:25:41 GMT
content-type: image/gif
access-control-allow-origin: https://weeklyad-target.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 06-Nov-2023 20:25:41 GMT

POST
H2 200 90737997
mc.yandex.com/webvisor/ 43 B
0 86ms
86ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/90737997?wv-part=2&wmode=0&wv-hit=122460479&page-url=https%3A%2F%2Fweeklyad-target.com%2F&rn=835902431&wv-type=7&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1699302343%3Aw%3A1600x1200%3Av%3A1150%3Az%3A60%3Ai%3A20231106212542%3Au%3A1699302338771661257%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Ast%3A1699302343&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weeklyad-target.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 20:25:42 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 06-Nov-2023 20:25:42 GMT
content-type: image/gif
access-control-allow-origin: https://weeklyad-target.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 06-Nov-2023 20:25:42 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
weeklyad-target.com/	1969-12-31 23:59:59	Name: 82e8a0579f01440ab98c3523cab333ac Value: ffso82veammg2hrjovbijcgtac
.weeklyad-target.com/	1970-01-21 00:47:18	Name: _ym_uid Value: 1699302338771661257
.weeklyad-target.com/	1970-01-21 00:47:18	Name: _ym_d Value: 1699302338
.mc.yandex.com/	1970-01-20 16:01:42	Name: sync_cookie_csrf Value: 2605704818fake
.yandex.com/	1970-01-21 01:37:42	Name: i Value: 0zKstVLtqWc49jixwhEP6RXQ+Q6DjXOdaXQmvYyp6MaOiXVrJAz46ez7lNM1e9C52UJYfhqcjcHnPYFDwOLMHZMnCUA=
.yandex.com/	1970-01-21 00:47:18	Name: yandexuid Value: 7117311621699302337
.weeklyad-target.com/	1970-01-20 16:02:54	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 16:01:42	Name: sync_cookie_csrf Value: 440106238fake
.mc.yandex.com/	1970-01-20 16:03:08	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 01:37:42	Name: yandexuid Value: 7117311621699302337
.yandex.ru/	1970-01-21 01:37:42	Name: yuidss Value: 7117311621699302337
.yandex.ru/	1970-01-21 01:37:42	Name: i Value: 0zKstVLtqWc49jixwhEP6RXQ+Q6DjXOdaXQmvYyp6MaOiXVrJAz46ez7lNM1e9C52UJYfhqcjcHnPYFDwOLMHZMnCUA=
.yandex.ru/	1970-01-21 01:37:42	Name: yp Value: 1699388738.yu.9268382601699302337
.yandex.ru/	1970-01-21 00:47:18	Name: ymex Value: 1701894338.oyu.9268382601699302337
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 123505661699302338
.yandex.com/	1970-01-21 00:47:18	Name: yuidss Value: 7117311621699302337
.yandex.com/	1970-01-21 00:47:18	Name: ymex Value: 1730838338.yrts.1699302338
.yandex.com/	1970-01-21 00:47:18	Name: bh Value: KgI/MA==
.weeklyad-target.com/	1970-01-20 16:01:44	Name: _ym_visorc Value: w
.weeklyad-target.com/	1970-01-21 01:23:18	Name: __gads Value: ID=d51d14a1ff3fb736:T=1699302337:RT=1699302337:S=ALNI_MbxFooMejN_trATf9vVYLjg5UbgCA
.weeklyad-target.com/	1970-01-21 01:23:18	Name: __gpi Value: UID=00000cb733694615:T=1699302337:RT=1699302337:S=ALNI_MZ2iJwH5uYWs2v5KtGMvBDS8y037Q
.doubleclick.net/	1970-01-20 16:01:45	Name: DSID Value: NO_DATA
.weeklyad-target.com/	1970-01-21 01:23:18	Name: __gsas Value: ID=25e73c6f80dcee2f:T=1699302339:RT=1699302339:S=ALNI_MZVAITwsD8apjKp2QDXGe2e1OOatA
.doubleclick.net/	1970-01-21 01:23:18	Name: IDE Value: AHWqTUml_6jcnL4_Dpg7W-xIEAqTGjWGXDO3JwGFiMXonLJuvHmRPMIqoE9n5zfDX2k
.googleadservices.com/	1970-01-20 18:11:18	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.google.com/adsense/search/async-ads.js(Line 213) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
p4-cgoeslyquceey-qxkml7byzqjuy24c-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
target-weeklyad.com
tpc.googlesyndication.com
weeklyad-target.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
185.105.110.5
216.58.212.162
216.58.212.163
2606:4700::6811:190e
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a02:6b8::1:119
89.187.188.221
01d5b946debea0eb99300564951b75bd0b03dfbbbc4f2ed41e52b217c76f2fbc
02a36ffc4f34c4c3f27d63ef1ddc5084aa944371e89f87e074debd6c678d42b1
072e747fa707480915e3db2d2ab8453c0b2502a78e297d5d13894d2759d4ee14
0c6bca37f5f8ae0c1ee85f51bfbdb2c39d67cccae7cae3156df2ed7727c5204c
136c97d87f43be3cdb767fe66e186451f4baf023eb8c5fa6f878b5df65c55aee
171b53ac6c2b6c6465d43bf526ad79f892551eef87d62385642c08b8d2122038
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a665086259e61f6cee66eba144e3fea0cc1674aff783256662f902b26152770
1f490b804d1df28160dae4a43f1196353f8545c94a688f31df6d6ae045225a0c
22add9a89050bc1e76e400ccc7afaca326a09150ba9143eb98aa1a7a3ed16ac5
26e6755e2753cf1474e5914c1076bcfc7b121464b867917e53f1f131b1d0818b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b08d0d730f2a5975ff18686c991957b4da42068930ef2373057199bb60214a2
405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31
405e274d9dc3a47349148e9b855abf32dd667752e5167ee76aab2f5a6d9ab454
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
47084350921ff4f9e4908afef36723b84de4247eaf51c403950638b9126c8f4b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51216b2a97e896b369a53aa84ee9cbe0af89cc239d722869fcd767fe2db8f805
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572b63ae3d73caaf3aa9d93b8140b972dc395fa3773555e388284cad4495713d
5838ce43b792853e87fdd8294bad15d73e4c9204b1e313ccb497f255cac6fbaf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ea7943d3556f181fbcd55dc74738bfc4366447510d488d80ad95171654c733
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
65ab3301a5b8b73da91f8313fead3a942ed6c40d613091dbd8bf7930c0b20f4e
6642eacbc52f1c139a64c0b1c97aa5aafb4b71dce2520963e9d19a7c9fb439f1
6d1a8d81f7c8b7992f65b568a095b5150af2046aa5d5b2a0fb4b9d0b2db6e4d1
6dc21119f812ecfd1d526d9c25a61c7fcdde472cf5578167f2a1b474cd16df10
7a5f3f1905ea8c6d544c34970f19b2a17c5eaed192c74abfd9bd44641fcb27f4
7ae749b488b1d7f7e2621eb1d08996ccee24efb0cc20d00fcfa935ddf2ee6eab
8155c3ca7c6952e262fc67bb872a4e516aea71d681b7d9ae94f9da69cfe506ed
83eb83a8b38b12ca2a151b57f4f2c9707687c687d102d2b894e2e5586300f1b8
84cf690af7c195322f4655f9b2a888410fda62f076fdd930dccf43d0d11a3686
87cb3f981317ccf5ad632f64e531aa7da8d49571127cfa1f142483a085f89d82
87e9f6a3e72a69773835f122aedb937be771d038eb6a7e6fd32a1f72de343217
8907fd91aa35152a570c7f6efb5362df7c04902ef8b986a679fd03da5d553277
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8efcca052b7247d2d9b669b889ff717178c922a62b0973800bb88eefea8e9177
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9867f40bcd49431d3af516b2057135e67fc654d78389a456f389376a4ed18fd9
9bd63ce2cdd4ad1d4717c0095da34a5377c52b9f84c79482a2f1f33cce99c2b5
9f1d4e2f678223581ff79be31c0af04a9c7a498546cfb2ae3c3193a5367e9f16
a489ee135e750a26f6ceccdbe1e6bfe2d809d016effdc2a1ed02547fe6a5c9a1
a518a1f0b68e49bfc64f21ed58600f7be19ca85d08f6266842cf97d69de02f5b
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a96ab81605f9e1083dbf398921ea897401679971c2794daa06bdca4176ae510b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ba384f5570149e81b75dd69d76cf22ac2c11a6a82f1ea7a610efc323f184d7e0
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
bff9085ada5bc246c3c7727f117a2e3c124c0434746899b55790027017bea2d4
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d3b572dca7587367f350989f870a3cee25e88219bb9469ae41f099e5d8c9583a
d5d2e5ff36a371736c74fc21effdb456e0fd7ad1d7a93dd44a65e24c03e64b8b
d9ecb50b9bc5e64a483ca1f1b4356fb7c29bc52b1faba2d5a81e0da288a06d42
da22e053d078ae1b6b74ac314eb1ccafbad4236b6456ea737b1b6bb00f8669fc
ddc5957eb6a8c2f4ce4a43ba54755fdd458333f2bb8b5dbd9d8644b7d1b2bf67
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e5f3953550464d450d3b862e7518256fc1d5298131b3fa000893572973388c48
e8f636e7260c843745d2a567abe1578d56988546e617234df51803c5e191e972
ed121d4aa40f210e3317c9251e05c042e2051dfdd33b314fdd38ffe8f372b247
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19afa3820201650dfa37e32c8659ad98d22e243458ea79bde5c885c115c186d
fa59b115302abcbdb30fa09dbbdb976e87a1200b867dc75b1a6ce5c3d66d5c26
fb1e79ceb9fa7edc451a496329a5c749d83f7258d72486b39ba8066194c1f697
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

weeklyad-target.com Open in urlscan Pro 89.187.188.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

96 %HTTPS

71 %IPv6

12 Domains

15 Subdomains

14 IPs

4 Countries

2790 kBTransfer

4865 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

weeklyad-target.com Open in urlscan Pro
89.187.188.221 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

96 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

2790 kB
Transfer

4865 kB
Size

25
Cookies

113 HTTP transactions
3 data transactions