urlscan.io logo urlscan.io
SecurityTrails logo

hyperurl.co Open in urlscan Pro
52.202.79.76  Public Scan

Go To Rescan Add Verdict Report
URL: http://hyperurl.co/npa1
Submission: On November 19 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 17 domains to perform 58 HTTP transactions. The main IP is 52.202.79.76, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hyperurl.co. The Cisco Umbrella rank of the primary domain is 518348.
This is the only time hyperurl.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.202.79.76 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 96.16.141.156 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2602:803:c004... 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2602:803:c004... 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 7 142.250.185.98 15169 (GOOGLE)
1 184.24.4.64 16625 (AKAMAI-AS)
1 37.157.4.28 198622 (ADFORM)
2 23.205.235.133 16625 (AKAMAI-AS)
1 15.197.193.217 16509 (AMAZON-02)
6 8 69.173.144.138 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 3 209.54.182.161 16509 (AMAZON-02)
2 3 67.220.228.201 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
58 26
2    52.202.79.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-79-76.compute-1.amazonaws.com
hyperurl.co
8    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7c25768b4d8e144217799bd5fbaaf7a5.safeframe.googlesyndication.com
12    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2602:803:c004:200::155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
1    184.24.4.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2a05:d018:d29:3602:2c64:3412:9e4:7e3a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
18 googlesyndication.com
7c25768b4d8e144217799bd5fbaaf7a5.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
97 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
285 KB
13 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2577
smarttag.rubiconproject.com — Cisco Umbrella Rank: 13724
beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 12186
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
30 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
4 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
95 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
play.google.com Failed
2 KB
2 hyperurl.co
hyperurl.co — Cisco Umbrella Rank: 518348
93 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
707 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
597 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
265 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1373
162 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3970
522 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
152 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
104 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8709
792 B
58 17
Domain Requested by
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
smarttag.rubiconproject.com
googleads.g.doubleclick.net
hyperurl.co
www.googletagservices.com
8 securepubads.g.doubleclick.net hyperurl.co
securepubads.g.doubleclick.net
www.googletagservices.com
5 cm.g.doubleclick.net 3 redirects hyperurl.co
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
2 eus.rubiconproject.com hyperurl.co
eus.rubiconproject.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 googleads.g.doubleclick.net smarttag.rubiconproject.com
hyperurl.co
2 www.googletagservices.com securepubads.g.doubleclick.net
2 hyperurl.co hyperurl.co
1 px.ads.linkedin.com hyperurl.co
1 pr-bh.ybp.yahoo.com 1 redirects
1 match.adsrvr.org hyperurl.co
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 beacon-fra2.rubiconproject.com smarttag.rubiconproject.com
1 www.google.com tpc.googlesyndication.com
1 smarttag.rubiconproject.com ads.rubiconproject.com
1 fonts.gstatic.com fonts.googleapis.com
1 ads.rubiconproject.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 7c25768b4d8e144217799bd5fbaaf7a5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
0 play.google.com Failed hyperurl.co
58 30

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 9 frames:

Frame: https://play.google.com/store/apps/details?id=com.nimble.nimblepay&hl=en
Frame ID: B653EA06C0EC3AD3A668B11297EB711A
Requests: 13 HTTP requests in this frame

Frame: https://7c25768b4d8e144217799bd5fbaaf7a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DA129D477EB80D472D80BBC1CD8D7381
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ3mfaNsdjiLvbjC6maqScfu59MYRs113C9ZpFv5Keq20yWVvyKwrz9UqvjU7rIzG27dHud6b_-91Y56I2fEdg95ThpxmEZoTszNT8vk04vE7sWCEUuZMp0UYPjR-4EizBRMz2lV5aDvodpjKlAt_k8WTUr3tGUZ_R8FRjZc2BDTXkp6nctH-jYJeapj6NA9KxPCtCIGFwnYnFaKqXmxTZY51j_LBuKetPd4cMD1GjWzzv0tPJD-K_TjY5vqgnKyzcaIFFc2CktsuBJFrEpySZzhuitFHCu5rMPS9UqlJfajrxBCnhP-4-DVviKXepCqOUqqeADu0&sai=AMfl-YS4hSGRdIo3SDdQubglOjV2HvqKwUUHStB-F_PlIWwH4pJHz4YOlPD2VVOtDTkntDC3JU6VUdISlVA_Qzpvi7RuWh5rsCLHCkvx5DCy24wLfzVHOJm0MxcWZCOtrEInb7nIq58LA_QTLzWnxI5VMkQ&sig=Cg0ArKJSzCsz8DxE2LD5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3413F3538CCCBFFA84E5D152E2859FD0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQ-TN-MzyR-A9UDJOTwNqAlOAzp9Aa4vxz8WyGtT-wNQo3WVSHQ00Im2BY4U-msq4Zv5vLwQ7d3fMDjaUEu1XgwstY11bC8nGBy9U7ismJMdKH-veVGXQpBODVRPcqR7XV0LUsjqNxqztM1KGo-Kv6yihDN9oDZ8GSa03TWwzt3ZiZd8ZneoxC5pCIWlLQKBaIHeoJlq2EkU6nkUNxJxauycXRxq3tyAVQQSdTcpwyDruSYTWQP0vCMujhuhZiZqp2KvDBBdOU7lpTt0SdCpqyyBd7vGIuYWWsNSKOG4eJVGlQb6oHev9m2x0D44eU6EOWmBQCdHvY2KtdeG4F&sai=AMfl-YRijK9YFI1xL_S07sSnh47w2NxFbMUdQYZYR25crKyG1vly91_AWK8BUDVEWXwTElqHgn4B18V0tS_6ZE2bnvAtTNboEuNjChbowmmI4G91uBdl-MVBPdProDN0XISaYlUxLkaX-IqJMdM7yatphpY&sig=Cg0ArKJSzOsVpWUpp9UWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 92899DDBB882D7B507E0127A56C39632
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 211D91CEDC3C83B07C19C0A4548C4960
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 661E6E1AE1E82F0F8AFCF1A9877D36C3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENm359UDGIz3ptUBMAE&v=APEucNXrRXuW3zyp9Wb7aJ0Ou3vD3qBrZawuGzyNEAVakz9rrW09AB6P-1iWzJhq_rNAlwMT7FIWqN5Jb5m6esQ41Z6Iz4xdcoEITjsEf6bA-fheE37VJLAl6uhBDNpWIXjm3qnE9UGT1S7Q03T5qgBxELl4UL86c80JZO4vzU7luJWo3F8vBGw
Frame ID: BFB7BE94B8197A028FB25599D478C819
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 93EC4B59BC21544482BFC142E8FB6DCE
Requests: 10 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3362A457AB15FACAC83FD8093DBE7763
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LinkTitle

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

58
Requests

71 %
HTTPS

62 %
IPv6

17
Domains

30
Subdomains

26
IPs

4
Countries

906 kB
Transfer

2438 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENvfQ9EK8WAT0jHKP5ddKQc&google_cver=1
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGOCzFSgXhCpIkcFNWIamwQ&google_cver=1&adform_v=1
Request Chain 45
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dDIbNq-kULozAtU25bP1eg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=511458180678261548
Request Chain 46
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vpUIO8RlQs6dtiBw-eJjUA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vpUIO8RlQs6dtiBw-eJjUA
Request Chain 47
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTcyZDQ4ZjM5ZDFjMDM1YjliOGJmZmFmYjllYzkzOTIxNjJhZTY4MQ
Request Chain 48
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jjPtHbtdQcG7oWlufplOTg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jjPtHbtdQcG7oWlufplOTg
Request Chain 49
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANO0C4S-I-61SR
Request Chain 50
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFOTzBDNFMtSS02MVNS
Request Chain 51
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKw2hq_5uibdcfufs0UP45Q&google_cver=1

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request npa1
hyperurl.co/ 		92 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hyperurl.co/npa1
Protocol
HTTP/1.1
Server
52.202.79.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-79-76.compute-1.amazonaws.com
Software
nginx /
Resource Hash
271ad7686b0116c9ec9d8cea8f7a6f70cc208279d928f507bebb90775732aaf3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 08:25:17 GMT
server
nginx
transfer-encoding
chunked
x-redirector-version
redirector-v3
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1396 / 827 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 08:25:17 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 22:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 22:30:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		33 B
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hyperurl.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76bab137e329053d4f9df7ad1685aede938d3db43ab6baf0b463b98be7d7e045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37
x-xss-protection
0
expires
Sat, 19 Nov 2022 08:25:17 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hyperurl.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hyperurl.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		587 KB
97 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1664818797363866&correlator=4268632236395657&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22051246401%2CFooter_Client%2CHeader_Client%2C1.5-Click_Client%2CInterstitial_Client%2CInterstitial_Footer_Client&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120%2C1x1%2C1x1%2C1x1%2C1x1%2C300x250&ifi=1&adks=3182824665%2C1239882355%2C4032110609%2C4032110700%2C2642735821%2C2709597352&sfv=1-0-40&ists=4&cust_params=explicit%3Dno%26linkid%3Dea8820c5-716c-404f-93f4-5642344d188a%26boardid%3D91a0ce14-018c-4eeb-a9a3-78747015356c%26toplevelboardid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26organizationid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26countrycode%3DDE%26city%3DBochum%26days%3D%26planid%3D2235c21b-7da1-4131-a1ad-11d1ceacf0c2&sc=0&cookie_enabled=1&abxe=1&dt=1668846317504&lmt=1668846317&dlt=1668846317290&idt=175&adxs=-9%2C-9%2C-9%2C-9%2C8%2C658&adys=-9%2C-9%2C-9%2C-9%2C1200%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C1%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fhyperurl.co%2Fnpa1&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1%7C300x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1%7C300x-1&fws=2%2C2%2C2%2C2%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=227434224.1668846318&ga_sid=1668846318&ga_hid=344682095&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
080a229f6e235059f515133360312f814d43e5b1e8bcfd4cad9085ef1ea43e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99134
x-xss-protection
0
google-lineitem-id
6107064221,6050737806,-2,6151875315,6047369944,5858414340
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403661399,138396364461,-2,138411816395,138392874836,138375767575
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://hyperurl.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7c25768b4d8e144217799bd5fbaaf7a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA12 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7c25768b4d8e144217799bd5fbaaf7a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hyperurl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:25:17 GMT
expires
Sun, 19 Nov 2023 08:25:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
hyperurl.co/~/tr/pageview/ 		70 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://hyperurl.co/~/tr/pageview/
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
HTTP/1.1
Server
52.202.79.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-79-76.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9fe12f284af9fe6e9352f4937d2d66da332843728b8f4140354147497c942806

Request headers

Referer
http://hyperurl.co/npa1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
x-redirector-version
redirector-v3
server
nginx
transfer-encoding
chunked
content-type
application/json; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
759b4cfc6edbcbd9eeeaaaa7bd3fe2a63cc1a2df2595cadf159888348008241a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11038
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3413 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ3mfaNsdjiLvbjC6maqScfu59MYRs113C9ZpFv5Keq20yWVvyKwrz9UqvjU7rIzG27dHud6b_-91Y56I2fEdg95ThpxmEZoTszNT8vk04vE7sWCEUuZMp0UYPjR-4EizBRMz2lV5aDvodpjKlAt_k8WTUr3tGUZ_R8FRjZc2BDTXkp6nctH-jYJeapj6NA9KxPCtCIGFwnYnFaKqXmxTZY51j_LBuKetPd4cMD1GjWzzv0tPJD-K_TjY5vqgnKyzcaIFFc2CktsuBJFrEpySZzhuitFHCu5rMPS9UqlJfajrxBCnhP-4-DVviKXepCqOUqqeADu0&sai=AMfl-YS4hSGRdIo3SDdQubglOjV2HvqKwUUHStB-F_PlIWwH4pJHz4YOlPD2VVOtDTkntDC3JU6VUdISlVA_Qzpvi7RuWh5rsCLHCkvx5DCy24wLfzVHOJm0MxcWZCOtrEInb7nIq58LA_QTLzWnxI5VMkQ&sig=Cg0ArKJSzCsz8DxE2LD5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 08:25:17 GMT
css2
fonts.googleapis.com/ Frame 3413 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@200;400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08ed954dc4ba27b5c312348ad2a35bf323a93cbe6b04653af06e03ecd7993f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 08:25:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Nov 2022 08:25:17 GMT
vue.js
cdn.jsdelivr.net/npm/vue/dist/ Frame 3413 		424 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue/dist/vue.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2029697010cdf442eea110b24c9735fdacfa9219860ad6ed888b320d102e609
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
340
x-jsd-version
2.7.14
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230121-FRA, cache-yyz4580-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"69e4a-BKrau4AkkDJGeiJbm9fIy8gIwGA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pyc9KBboIqh3qhOfdeZ%2BzQ8cL03em4B1LBvtxolvbr5%2FHK6ZnGG4B2%2BBdzCOURX71lznGj6kG%2BefMTfZTnvu8yDmlz59Bh0bIYwpYIflWy86gTJp7%2FiPJgvNvutw%2Fo11qFyf%2F4lJsbeUHS7UVgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76c78dedb8245c8c-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3413 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 08:25:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9289 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQ-TN-MzyR-A9UDJOTwNqAlOAzp9Aa4vxz8WyGtT-wNQo3WVSHQ00Im2BY4U-msq4Zv5vLwQ7d3fMDjaUEu1XgwstY11bC8nGBy9U7ismJMdKH-veVGXQpBODVRPcqR7XV0LUsjqNxqztM1KGo-Kv6yihDN9oDZ8GSa03TWwzt3ZiZd8ZneoxC5pCIWlLQKBaIHeoJlq2EkU6nkUNxJxauycXRxq3tyAVQQSdTcpwyDruSYTWQP0vCMujhuhZiZqp2KvDBBdOU7lpTt0SdCpqyyBd7vGIuYWWsNSKOG4eJVGlQb6oHev9m2x0D44eU6EOWmBQCdHvY2KtdeG4F&sai=AMfl-YRijK9YFI1xL_S07sSnh47w2NxFbMUdQYZYR25crKyG1vly91_AWK8BUDVEWXwTElqHgn4B18V0tS_6ZE2bnvAtTNboEuNjChbowmmI4G91uBdl-MVBPdProDN0XISaYlUxLkaX-IqJMdM7yatphpY&sig=Cg0ArKJSzOsVpWUpp9UWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 08:25:17 GMT
23872.js
ads.rubiconproject.com/ad/ Frame 9289 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/23872.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-141-156.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2036
access-control-allow-credentials
true
content-length
8916
expires
Sat, 19 Nov 2022 08:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9289 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 08:25:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 08:25:17 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 3413 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@200;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://hyperurl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 22:05:34 GMT
x-content-type-options
nosniff
age
123583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 22:05:34 GMT
truncated
/ Frame 3413 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cb696e1ca174917f209150b8cdf6bfdf4c8a3dd8cfd0251970e1a26a3ab2fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
2256236-15.js
smarttag.rubiconproject.com/a/23872/403064/ Frame 9289 		14 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/23872/403064/2256236-15.js?&cb=0.5522280105087114&tk_st=1&rf=http%3A//hyperurl.co/npa1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/23872.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ad28c5d5781a90a99aa86a7757e5086ad68ae926cd36131e29df36782182d88f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Wed, 17 Sep 1975 21:32:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 211D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hyperurl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 07:14:20 GMT
expires
Sun, 19 Nov 2023 07:14:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 661E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4c2157ad18dea8d8abf8edb8a1e42c76777e2c7262cd9716977ef295ec1b9b4b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bfVQscCL6qYJCnxvqB2B2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hyperurl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-bfVQscCL6qYJCnxvqB2B2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:25:17 GMT
expires
Sat, 19 Nov 2022 08:25:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 211D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 20:57:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3413 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssckrCYTupdrsh-q_f3ISwuuHUV99zT1ees_T2uFVP6J7eBFLexOdRBrA2BYPl0TldQLOhOuQAt1D7FUQ93c7BtjW6NxdQmhgrg6A12AoxsrEl1lPdvHHjR_wY_NvuLgi-GOSH1Vga4oPza_ui0o4SRPkmUsV5vHH7PMErwTw5lfCAXczmrbYcNfpNgTerKmP4RliCGdYTwRjjmQHKAejMFGnffva1Sp4dTRxULR81IzLBgDXFgV25bLEIUEGH8zc5CsH9L4zitXxHIbK2TEGAfxqyroSddesZdJQHD_nJp1HWgl9EwZa44UV3eb6ZAG8ppukGN7fnzeQ&sai=AMfl-YTQG0cxjXVSVFFdwivt5hRbVPARkjioOu2QMkN7SW8d7gil7G1uVuSA7eYvwjoUJEf9IYiKk0Vpp96NZoLWWfd8aZ_rbdQCUSFkTHjQRetxzI8jgsg2y-4qf6ieO_masrQLyPzaNJJO5E16Jv-2kEs&sig=Cg0ArKJSzKshIYUDwo6eEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 08:25:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 661E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1664818797363866&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 211D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-nvYng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame BFB7 		261 B
187 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENm359UDGIz3ptUBMAE&v=APEucNXrRXuW3zyp9Wb7aJ0Ou3vD3qBrZawuGzyNEAVakz9rrW09AB6P-1iWzJhq_rNAlwMT7FIWqN5Jb5m6esQ41Z6Iz4xdcoEITjsEf6bA-fheE37VJLAl6uhBDNpWIXjm3qnE9UGT1S7Q03T5qgBxELl4UL86c80JZO4vzU7luJWo3F8vBGw
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23872/403064/2256236-15.js?&cb=0.5522280105087114&tk_st=1&rf=http%3A//hyperurl.co/npa1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hyperurl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:25:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9289 		65 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTR5MXzEk28yCKDbHUAQEFMgafCID-kycrnuAP-MVb3QWTv36GaiG8eZ_lV5Runr9GtR2ry_ClrSzhn8hySpFo7HG995FGGLGbldLt5sADZneyBsV3bCPbReMaZ2hx_XfU77lNq0Jl3jU8wa_QaWmfFwJtUcTdWSHxJSujvfGhB8MaWsA&cry=1&dbm_d=AKAmf-ASK5yAu7dAwh3-mFFM03pYlDYKeuV5j8H5JpXMOu5x6IQqFpKtJWancAWiDBCm7_cugkC5-055q1QW9AdHKwUqCC48lDFMn-ongCRwahK6AK7ryuBQApVJkdnHADY8-sQOMU1mnQi4y43NYs1lz-Zb_QEYHYR0-7DZruIYC8_cmGXWLxa1M8VJg6woHJbSSZRKdT818y7sEtzvLQZC2FbIaw6OwJjAgHqNYFbtzPMwEFe7ZkCgb8xcLie-rhXAaaFStEYbmZ2vXVG0JQJYP8guEwxD1rnOLWpYVVbdoVFCQStMaD1TNzJ7cgBoTMnnboByCRPZLcMiQvx-MJmEjydi3QkyJBSuJBFP30tLGCIwSnHZQuwFYy9y4GtLiwFtwkmGtNOk3njAI_JwM_N1t72KQ7jQbg9PB8jPVkmHpkpimb5nvn3WFNapqSW1ojIAOQjVGGu6WBu1z52V_YSFiadBBoNfrz-eugCzC7_0tPPrrpSy3oHPufMgcDEq91zvln4D2ZppqhTPD3no_5mELjTOsJsIeZ73fzkaDEUm_J9-43_y0RXrac6g3v8QlzbsUOGb95y6k5xQULi3w8I6xxKZP9ndvKBgNJ78xxhW_p4nVkSyPLxZdNFo8EcI4WMtjUfLKhTMWXL9l3AGb_iE1oc9jnedIKzpTRWkV00JjrH4kYzrTaJq2xgo5Ut-kzIX6ZSqXwqiOgoHIzop8RzOMZmU88v5sbv5GvX4VBHD5HEOsKuFHyPawU92jCVWnjxGtKtKM1ZQxt69-UfHpedk-uYif-JyV3zh5On1hWFGu7mXwp_dqyCHXWu0283yLFeK509eof_zJa5IKksI1tPVnAJKyyc_mi-kwAjI0TEGyqFL1yI9V3kxQ0Ff2VXx3v5zFW8df3I1xgU-lNdPsvqF3Os-iaGbGbvCfvLRNrDaqlM6l4G7QFfYocoavJxS0zchn5LtO8O_apuHMWW66SmqY2JEt5X-HU4qoe8LIf4woqmANiqey-PoPh7bmyAqy0xWaR_iy5tKg3Sdi_Yl1ncM7WXIBDe_cb05BD56pBBYgzRpD9rLK_VoTns0AHMrKryIMR8CV5ESHnPl5qIFtB8ZoQr31ebLDvL9OSJctPRl8CwiyMDVnT_Hjn3EOU8fruaF5Q-Qp95J-KJGgFP8y6wFuiH6ebLTwOfdSMQGY0VqCK4qR2oxvYc1wdjFtQ45zJgOm3gh0acW47CoP_G0fQTiEYfxGUpFA7KjZQphO39hrGd4lC_IKjShdf0bZv57dIMM5D8CxhCzyktVE02x5X27N1o1HFI0WQUYmR4bjA2Yic9_ihIg3FH-y5Lf57unYGtnldAUjWWZ9Jb0P1Rgzj7VFVFG1mB4rmXhAKv4uMxwV3ccH5U29opQW0Y0bHr0t5jVU3ilm6l9NApTml-J8OG2gNxVhYtxLcbjS80GeqHAs7tCgM6-nchPAiFse-Vr6B0cRpiH1ChhvzZ4x__jDc01owjfu_LYMHpBpk0qdwXqa5VdnAYEklvCYN1X6Ndv111Qb4ap3G7G7Z9Fsupn7CFv_KEpG-Y14EYuqPI9fM2PgYLdLnc1swH5b-D8ptt46ZGJg0SadgfuFfUVYzfSq-dQX-eposqalSwzuckmUupcxpXta1G8t5BC7k7YZDpGkPWH7vdgR_9EDaG-0VrKTU1rCpSQk8aiG_GhUzeBJP1eMtTQzW-c2CQwPtyTIwxsA3OGU6iWg6DaYx9Qxmcfc_qH68Es5A5YWXS2IV0NcKQb2darfOfEzQXYQd3_8QPb_ewp-bp9Z09wSpCC6PnpQY-_iIdwayjDo6t4GHSz7IZGhmvOs7yuI084DqJ9cQzgIqpAWmkUmf8KU30nXyQt-X1IMFQ_XCT5F2vf1TQ9T9kZ14XpTuhQ_7saGQtyZ6UDZ9AlKOiIvYKYGCnl4od-WEjYAAhQJyzmKssWQRs5iFoG84Ei32YIKQY2X95F-jCO2cW8OwBkX5dxCpdEE1HguRdNhu0j03j-gADyxj8uUeT_jCOcAtZ47ZB8l8pIEOVH5l7rfzfV0GYYq4KrD9RJEIUfrCNSfvGhVuyF2posA0D33EZZNeVubFDUWhXyjtPfSAsyd_EDG-wIzhRRhLB7oSueBXf_0zQJSKldwPAVysgAesfLJvczS1LsooUC5xnzn4is99bApZd7GkHX0X4XGF11VdMlKrKqXKG8aziIQWafCh8OAA5F1n5U3FPjGGWCgrVphF2G0MrefpNubHKa9VFIZPGfyFmb-90c2VZJ0BTdnXqd7IEtGaC8mjMcCT6GBrhe9oJz38smto-A6udYKI3yo25Ra663sTj2qhxuuPnuo_3AtivpKY4wExZALEGIENvYSY9NgxJURI2h0VlyNhxq3ocoEPE63NRlOvkZF2LrZsFxST57hJnUl4X0WifnE0rgiPzlQMEFUWJ9JwCWmt_32WfPxCnLJaOlHEzMwpnAAQf6SfJ-7ovvjGT1gt8wg9ztTGHLny0uyXJmxKtnUCvnL5CKqIzfTeujGC_HMftNJuElsAeFYMBhz4ljqnE1Je9E7y4MWs7H5IKbrMg6RxzPwrtRqxonM7THpWSJHr5TQfu2jtAu2ZnEj3068DMqPdBxMie_Q_Q4T29CADpMwaPgD5x1cKLIsMdAUog0eYVtxq3S0dB19Zq2YZoC1_n5SLpYvttz3wAQioDihGgM3Nn77pjhCYf_EjLhH1P2Y65oQpogiWU7mgmQgmpuudUjxcvC9Sae98dnTrdORgZXb4PRUnk9q4FIkuJs0tj7Fb431JVU0VEF-HaT8QmPmTPIQriQFVulwPLwAfreQm0K2YE0lPNUWaKj5JHQqdOfixnf0KchA5axduS9rxS58S566FeKpSAfV8GMH-h07Nv0OzM4zpncZybDKbOvugmK8yE7RRie6-cEW98wxYmMZj_Qw9XK6iT8hKbjb5X2NJk8Kusxm2VIymRegjamZqsBfKsWvHzNpZnJrqgjZ4TEUZFSqMNJBRg1RILRkTLn97CNbasrOYjSs2IVvwKu08q_cyAlQN0PAXDgdG-lmUQgKFVxgo1HgCBG2DSie3Fr0Of7TvdV2SJCMHovFLV8FIjv7tigkuvCxkEOPzC2jf9o0nXsaQd1OfgoF98EqiylcXWtxJxuNJQ1xPI636p-13f1LCVwUd3YRevl2_4W7f-QBmIE-wNKrBRCDabFGaEJVow_VNJGqlStJO8Oz8EHed5-ONKBCvo9gDiec_2Lvq3IPk4Iy8UXxlKUBhLYZLsdSgUhvHGX8MfHItnr1tjU6yqAXTnhFwXOQASbAlcjmmkw8z74tsTPb-Eo_fAcZjx0XoY9JVmvP7cdN2kVfisTI_0wZO9xXlNpOMGtfBm8gCkaUdY7GAEvk7bKQdr_&pr=8:51D8DC1BA80BDA64&cid=CAASBORovhs&rfl=1%2Chttp%253A%252F%252Fhyperurl.co%252Fnpa1%240
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a12a21818aebb9c5c131f76353069ad72ca4352258ba0156aecef0b8c84d6ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30489
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9289 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0bMuWlH4oczYjrkozdqP-73s72qkxU4_st7qMGqp4Ix1YuWr4voD26mJmKFxLs3OeYdnvATA4U5hNhMG7LrZmd2oVazDrzXhxDRkwNKbuvj_F_6I
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23872/403064/2256236-15.js?&cb=0.5522280105087114&tk_st=1&rf=http%3A//hyperurl.co/npa1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e6030de6-b76c-4781-9228-93a28aefa1d6
beacon-fra2.rubiconproject.com/beacon/d/ Frame 9289 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/e6030de6-b76c-4781-9228-93a28aefa1d6?oo=0&accountId=23872&siteId=403064&zoneId=2256236&sizeId=15&e=6A1E40E384DA563B691BEA91C9896F1A0C0A2A399B8C3D22BA485A51187B944BA05C83E7C210E645F0E3091D08CC6149172DB22D3B21A9B510D9B8FB51D0626D89DC612CBC24C433B0FB45A62CFC9F8A72F8C4F45596606385549A3F74E7AEE7709D2B065A7020F7A67F863F14D8556AFA90100E4E68DBCE1EE0198FCDC20DC0D82D574BB593C598423FA68DAA74A3A17280B82AF9398C49184294D9E627A7C5ED7A5BA42C020AB5BB5585FBD6AABF1C16B16D39FCC4C219
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23872/403064/2256236-15.js?&cb=0.5522280105087114&tk_st=1&rf=http%3A//hyperurl.co/npa1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 08:25:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9289 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTR5MXzEk28yCKDbHUAQEFMgafCID-kycrnuAP-MVb3QWTv36GaiG8eZ_lV5Runr9GtR2ry_ClrSzhn8hySpFo7HG995FGGLGbldLt5sADZneyBsV3bCPbReMaZ2hx_XfU77lNq0Jl3jU8wa_QaWmfFwJtUcTdWSHxJSujvfGhB8MaWsA&cry=1&dbm_d=AKAmf-ASK5yAu7dAwh3-mFFM03pYlDYKeuV5j8H5JpXMOu5x6IQqFpKtJWancAWiDBCm7_cugkC5-055q1QW9AdHKwUqCC48lDFMn-ongCRwahK6AK7ryuBQApVJkdnHADY8-sQOMU1mnQi4y43NYs1lz-Zb_QEYHYR0-7DZruIYC8_cmGXWLxa1M8VJg6woHJbSSZRKdT818y7sEtzvLQZC2FbIaw6OwJjAgHqNYFbtzPMwEFe7ZkCgb8xcLie-rhXAaaFStEYbmZ2vXVG0JQJYP8guEwxD1rnOLWpYVVbdoVFCQStMaD1TNzJ7cgBoTMnnboByCRPZLcMiQvx-MJmEjydi3QkyJBSuJBFP30tLGCIwSnHZQuwFYy9y4GtLiwFtwkmGtNOk3njAI_JwM_N1t72KQ7jQbg9PB8jPVkmHpkpimb5nvn3WFNapqSW1ojIAOQjVGGu6WBu1z52V_YSFiadBBoNfrz-eugCzC7_0tPPrrpSy3oHPufMgcDEq91zvln4D2ZppqhTPD3no_5mELjTOsJsIeZ73fzkaDEUm_J9-43_y0RXrac6g3v8QlzbsUOGb95y6k5xQULi3w8I6xxKZP9ndvKBgNJ78xxhW_p4nVkSyPLxZdNFo8EcI4WMtjUfLKhTMWXL9l3AGb_iE1oc9jnedIKzpTRWkV00JjrH4kYzrTaJq2xgo5Ut-kzIX6ZSqXwqiOgoHIzop8RzOMZmU88v5sbv5GvX4VBHD5HEOsKuFHyPawU92jCVWnjxGtKtKM1ZQxt69-UfHpedk-uYif-JyV3zh5On1hWFGu7mXwp_dqyCHXWu0283yLFeK509eof_zJa5IKksI1tPVnAJKyyc_mi-kwAjI0TEGyqFL1yI9V3kxQ0Ff2VXx3v5zFW8df3I1xgU-lNdPsvqF3Os-iaGbGbvCfvLRNrDaqlM6l4G7QFfYocoavJxS0zchn5LtO8O_apuHMWW66SmqY2JEt5X-HU4qoe8LIf4woqmANiqey-PoPh7bmyAqy0xWaR_iy5tKg3Sdi_Yl1ncM7WXIBDe_cb05BD56pBBYgzRpD9rLK_VoTns0AHMrKryIMR8CV5ESHnPl5qIFtB8ZoQr31ebLDvL9OSJctPRl8CwiyMDVnT_Hjn3EOU8fruaF5Q-Qp95J-KJGgFP8y6wFuiH6ebLTwOfdSMQGY0VqCK4qR2oxvYc1wdjFtQ45zJgOm3gh0acW47CoP_G0fQTiEYfxGUpFA7KjZQphO39hrGd4lC_IKjShdf0bZv57dIMM5D8CxhCzyktVE02x5X27N1o1HFI0WQUYmR4bjA2Yic9_ihIg3FH-y5Lf57unYGtnldAUjWWZ9Jb0P1Rgzj7VFVFG1mB4rmXhAKv4uMxwV3ccH5U29opQW0Y0bHr0t5jVU3ilm6l9NApTml-J8OG2gNxVhYtxLcbjS80GeqHAs7tCgM6-nchPAiFse-Vr6B0cRpiH1ChhvzZ4x__jDc01owjfu_LYMHpBpk0qdwXqa5VdnAYEklvCYN1X6Ndv111Qb4ap3G7G7Z9Fsupn7CFv_KEpG-Y14EYuqPI9fM2PgYLdLnc1swH5b-D8ptt46ZGJg0SadgfuFfUVYzfSq-dQX-eposqalSwzuckmUupcxpXta1G8t5BC7k7YZDpGkPWH7vdgR_9EDaG-0VrKTU1rCpSQk8aiG_GhUzeBJP1eMtTQzW-c2CQwPtyTIwxsA3OGU6iWg6DaYx9Qxmcfc_qH68Es5A5YWXS2IV0NcKQb2darfOfEzQXYQd3_8QPb_ewp-bp9Z09wSpCC6PnpQY-_iIdwayjDo6t4GHSz7IZGhmvOs7yuI084DqJ9cQzgIqpAWmkUmf8KU30nXyQt-X1IMFQ_XCT5F2vf1TQ9T9kZ14XpTuhQ_7saGQtyZ6UDZ9AlKOiIvYKYGCnl4od-WEjYAAhQJyzmKssWQRs5iFoG84Ei32YIKQY2X95F-jCO2cW8OwBkX5dxCpdEE1HguRdNhu0j03j-gADyxj8uUeT_jCOcAtZ47ZB8l8pIEOVH5l7rfzfV0GYYq4KrD9RJEIUfrCNSfvGhVuyF2posA0D33EZZNeVubFDUWhXyjtPfSAsyd_EDG-wIzhRRhLB7oSueBXf_0zQJSKldwPAVysgAesfLJvczS1LsooUC5xnzn4is99bApZd7GkHX0X4XGF11VdMlKrKqXKG8aziIQWafCh8OAA5F1n5U3FPjGGWCgrVphF2G0MrefpNubHKa9VFIZPGfyFmb-90c2VZJ0BTdnXqd7IEtGaC8mjMcCT6GBrhe9oJz38smto-A6udYKI3yo25Ra663sTj2qhxuuPnuo_3AtivpKY4wExZALEGIENvYSY9NgxJURI2h0VlyNhxq3ocoEPE63NRlOvkZF2LrZsFxST57hJnUl4X0WifnE0rgiPzlQMEFUWJ9JwCWmt_32WfPxCnLJaOlHEzMwpnAAQf6SfJ-7ovvjGT1gt8wg9ztTGHLny0uyXJmxKtnUCvnL5CKqIzfTeujGC_HMftNJuElsAeFYMBhz4ljqnE1Je9E7y4MWs7H5IKbrMg6RxzPwrtRqxonM7THpWSJHr5TQfu2jtAu2ZnEj3068DMqPdBxMie_Q_Q4T29CADpMwaPgD5x1cKLIsMdAUog0eYVtxq3S0dB19Zq2YZoC1_n5SLpYvttz3wAQioDihGgM3Nn77pjhCYf_EjLhH1P2Y65oQpogiWU7mgmQgmpuudUjxcvC9Sae98dnTrdORgZXb4PRUnk9q4FIkuJs0tj7Fb431JVU0VEF-HaT8QmPmTPIQriQFVulwPLwAfreQm0K2YE0lPNUWaKj5JHQqdOfixnf0KchA5axduS9rxS58S566FeKpSAfV8GMH-h07Nv0OzM4zpncZybDKbOvugmK8yE7RRie6-cEW98wxYmMZj_Qw9XK6iT8hKbjb5X2NJk8Kusxm2VIymRegjamZqsBfKsWvHzNpZnJrqgjZ4TEUZFSqMNJBRg1RILRkTLn97CNbasrOYjSs2IVvwKu08q_cyAlQN0PAXDgdG-lmUQgKFVxgo1HgCBG2DSie3Fr0Of7TvdV2SJCMHovFLV8FIjv7tigkuvCxkEOPzC2jf9o0nXsaQd1OfgoF98EqiylcXWtxJxuNJQ1xPI636p-13f1LCVwUd3YRevl2_4W7f-QBmIE-wNKrBRCDabFGaEJVow_VNJGqlStJO8Oz8EHed5-ONKBCvo9gDiec_2Lvq3IPk4Iy8UXxlKUBhLYZLsdSgUhvHGX8MfHItnr1tjU6yqAXTnhFwXOQASbAlcjmmkw8z74tsTPb-Eo_fAcZjx0XoY9JVmvP7cdN2kVfisTI_0wZO9xXlNpOMGtfBm8gCkaUdY7GAEvk7bKQdr_&pr=8:51D8DC1BA80BDA64&cid=CAASBORovhs&rfl=1%2Chttp%253A%252F%252Fhyperurl.co%252Fnpa1%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
67732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 13:36:26 GMT
17930817672077938805
s0.2mdn.net/simgad/ Frame 9289 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17930817672077938805
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTR5MXzEk28yCKDbHUAQEFMgafCID-kycrnuAP-MVb3QWTv36GaiG8eZ_lV5Runr9GtR2ry_ClrSzhn8hySpFo7HG995FGGLGbldLt5sADZneyBsV3bCPbReMaZ2hx_XfU77lNq0Jl3jU8wa_QaWmfFwJtUcTdWSHxJSujvfGhB8MaWsA&cry=1&dbm_d=AKAmf-ASK5yAu7dAwh3-mFFM03pYlDYKeuV5j8H5JpXMOu5x6IQqFpKtJWancAWiDBCm7_cugkC5-055q1QW9AdHKwUqCC48lDFMn-ongCRwahK6AK7ryuBQApVJkdnHADY8-sQOMU1mnQi4y43NYs1lz-Zb_QEYHYR0-7DZruIYC8_cmGXWLxa1M8VJg6woHJbSSZRKdT818y7sEtzvLQZC2FbIaw6OwJjAgHqNYFbtzPMwEFe7ZkCgb8xcLie-rhXAaaFStEYbmZ2vXVG0JQJYP8guEwxD1rnOLWpYVVbdoVFCQStMaD1TNzJ7cgBoTMnnboByCRPZLcMiQvx-MJmEjydi3QkyJBSuJBFP30tLGCIwSnHZQuwFYy9y4GtLiwFtwkmGtNOk3njAI_JwM_N1t72KQ7jQbg9PB8jPVkmHpkpimb5nvn3WFNapqSW1ojIAOQjVGGu6WBu1z52V_YSFiadBBoNfrz-eugCzC7_0tPPrrpSy3oHPufMgcDEq91zvln4D2ZppqhTPD3no_5mELjTOsJsIeZ73fzkaDEUm_J9-43_y0RXrac6g3v8QlzbsUOGb95y6k5xQULi3w8I6xxKZP9ndvKBgNJ78xxhW_p4nVkSyPLxZdNFo8EcI4WMtjUfLKhTMWXL9l3AGb_iE1oc9jnedIKzpTRWkV00JjrH4kYzrTaJq2xgo5Ut-kzIX6ZSqXwqiOgoHIzop8RzOMZmU88v5sbv5GvX4VBHD5HEOsKuFHyPawU92jCVWnjxGtKtKM1ZQxt69-UfHpedk-uYif-JyV3zh5On1hWFGu7mXwp_dqyCHXWu0283yLFeK509eof_zJa5IKksI1tPVnAJKyyc_mi-kwAjI0TEGyqFL1yI9V3kxQ0Ff2VXx3v5zFW8df3I1xgU-lNdPsvqF3Os-iaGbGbvCfvLRNrDaqlM6l4G7QFfYocoavJxS0zchn5LtO8O_apuHMWW66SmqY2JEt5X-HU4qoe8LIf4woqmANiqey-PoPh7bmyAqy0xWaR_iy5tKg3Sdi_Yl1ncM7WXIBDe_cb05BD56pBBYgzRpD9rLK_VoTns0AHMrKryIMR8CV5ESHnPl5qIFtB8ZoQr31ebLDvL9OSJctPRl8CwiyMDVnT_Hjn3EOU8fruaF5Q-Qp95J-KJGgFP8y6wFuiH6ebLTwOfdSMQGY0VqCK4qR2oxvYc1wdjFtQ45zJgOm3gh0acW47CoP_G0fQTiEYfxGUpFA7KjZQphO39hrGd4lC_IKjShdf0bZv57dIMM5D8CxhCzyktVE02x5X27N1o1HFI0WQUYmR4bjA2Yic9_ihIg3FH-y5Lf57unYGtnldAUjWWZ9Jb0P1Rgzj7VFVFG1mB4rmXhAKv4uMxwV3ccH5U29opQW0Y0bHr0t5jVU3ilm6l9NApTml-J8OG2gNxVhYtxLcbjS80GeqHAs7tCgM6-nchPAiFse-Vr6B0cRpiH1ChhvzZ4x__jDc01owjfu_LYMHpBpk0qdwXqa5VdnAYEklvCYN1X6Ndv111Qb4ap3G7G7Z9Fsupn7CFv_KEpG-Y14EYuqPI9fM2PgYLdLnc1swH5b-D8ptt46ZGJg0SadgfuFfUVYzfSq-dQX-eposqalSwzuckmUupcxpXta1G8t5BC7k7YZDpGkPWH7vdgR_9EDaG-0VrKTU1rCpSQk8aiG_GhUzeBJP1eMtTQzW-c2CQwPtyTIwxsA3OGU6iWg6DaYx9Qxmcfc_qH68Es5A5YWXS2IV0NcKQb2darfOfEzQXYQd3_8QPb_ewp-bp9Z09wSpCC6PnpQY-_iIdwayjDo6t4GHSz7IZGhmvOs7yuI084DqJ9cQzgIqpAWmkUmf8KU30nXyQt-X1IMFQ_XCT5F2vf1TQ9T9kZ14XpTuhQ_7saGQtyZ6UDZ9AlKOiIvYKYGCnl4od-WEjYAAhQJyzmKssWQRs5iFoG84Ei32YIKQY2X95F-jCO2cW8OwBkX5dxCpdEE1HguRdNhu0j03j-gADyxj8uUeT_jCOcAtZ47ZB8l8pIEOVH5l7rfzfV0GYYq4KrD9RJEIUfrCNSfvGhVuyF2posA0D33EZZNeVubFDUWhXyjtPfSAsyd_EDG-wIzhRRhLB7oSueBXf_0zQJSKldwPAVysgAesfLJvczS1LsooUC5xnzn4is99bApZd7GkHX0X4XGF11VdMlKrKqXKG8aziIQWafCh8OAA5F1n5U3FPjGGWCgrVphF2G0MrefpNubHKa9VFIZPGfyFmb-90c2VZJ0BTdnXqd7IEtGaC8mjMcCT6GBrhe9oJz38smto-A6udYKI3yo25Ra663sTj2qhxuuPnuo_3AtivpKY4wExZALEGIENvYSY9NgxJURI2h0VlyNhxq3ocoEPE63NRlOvkZF2LrZsFxST57hJnUl4X0WifnE0rgiPzlQMEFUWJ9JwCWmt_32WfPxCnLJaOlHEzMwpnAAQf6SfJ-7ovvjGT1gt8wg9ztTGHLny0uyXJmxKtnUCvnL5CKqIzfTeujGC_HMftNJuElsAeFYMBhz4ljqnE1Je9E7y4MWs7H5IKbrMg6RxzPwrtRqxonM7THpWSJHr5TQfu2jtAu2ZnEj3068DMqPdBxMie_Q_Q4T29CADpMwaPgD5x1cKLIsMdAUog0eYVtxq3S0dB19Zq2YZoC1_n5SLpYvttz3wAQioDihGgM3Nn77pjhCYf_EjLhH1P2Y65oQpogiWU7mgmQgmpuudUjxcvC9Sae98dnTrdORgZXb4PRUnk9q4FIkuJs0tj7Fb431JVU0VEF-HaT8QmPmTPIQriQFVulwPLwAfreQm0K2YE0lPNUWaKj5JHQqdOfixnf0KchA5axduS9rxS58S566FeKpSAfV8GMH-h07Nv0OzM4zpncZybDKbOvugmK8yE7RRie6-cEW98wxYmMZj_Qw9XK6iT8hKbjb5X2NJk8Kusxm2VIymRegjamZqsBfKsWvHzNpZnJrqgjZ4TEUZFSqMNJBRg1RILRkTLn97CNbasrOYjSs2IVvwKu08q_cyAlQN0PAXDgdG-lmUQgKFVxgo1HgCBG2DSie3Fr0Of7TvdV2SJCMHovFLV8FIjv7tigkuvCxkEOPzC2jf9o0nXsaQd1OfgoF98EqiylcXWtxJxuNJQ1xPI636p-13f1LCVwUd3YRevl2_4W7f-QBmIE-wNKrBRCDabFGaEJVow_VNJGqlStJO8Oz8EHed5-ONKBCvo9gDiec_2Lvq3IPk4Iy8UXxlKUBhLYZLsdSgUhvHGX8MfHItnr1tjU6yqAXTnhFwXOQASbAlcjmmkw8z74tsTPb-Eo_fAcZjx0XoY9JVmvP7cdN2kVfisTI_0wZO9xXlNpOMGtfBm8gCkaUdY7GAEvk7bKQdr_&pr=8:51D8DC1BA80BDA64&cid=CAASBORovhs&rfl=1%2Chttp%253A%252F%252Fhyperurl.co%252Fnpa1%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff07436146700dc38aa7153313a84ffb1b64eaf2988fb16eca0a3b6330771e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 07:04:17 GMT
x-content-type-options
nosniff
age
4861
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
155323
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 07:34:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 07:04:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 9289 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTR5MXzEk28yCKDbHUAQEFMgafCID-kycrnuAP-MVb3QWTv36GaiG8eZ_lV5Runr9GtR2ry_ClrSzhn8hySpFo7HG995FGGLGbldLt5sADZneyBsV3bCPbReMaZ2hx_XfU77lNq0Jl3jU8wa_QaWmfFwJtUcTdWSHxJSujvfGhB8MaWsA&cry=1&dbm_d=AKAmf-ASK5yAu7dAwh3-mFFM03pYlDYKeuV5j8H5JpXMOu5x6IQqFpKtJWancAWiDBCm7_cugkC5-055q1QW9AdHKwUqCC48lDFMn-ongCRwahK6AK7ryuBQApVJkdnHADY8-sQOMU1mnQi4y43NYs1lz-Zb_QEYHYR0-7DZruIYC8_cmGXWLxa1M8VJg6woHJbSSZRKdT818y7sEtzvLQZC2FbIaw6OwJjAgHqNYFbtzPMwEFe7ZkCgb8xcLie-rhXAaaFStEYbmZ2vXVG0JQJYP8guEwxD1rnOLWpYVVbdoVFCQStMaD1TNzJ7cgBoTMnnboByCRPZLcMiQvx-MJmEjydi3QkyJBSuJBFP30tLGCIwSnHZQuwFYy9y4GtLiwFtwkmGtNOk3njAI_JwM_N1t72KQ7jQbg9PB8jPVkmHpkpimb5nvn3WFNapqSW1ojIAOQjVGGu6WBu1z52V_YSFiadBBoNfrz-eugCzC7_0tPPrrpSy3oHPufMgcDEq91zvln4D2ZppqhTPD3no_5mELjTOsJsIeZ73fzkaDEUm_J9-43_y0RXrac6g3v8QlzbsUOGb95y6k5xQULi3w8I6xxKZP9ndvKBgNJ78xxhW_p4nVkSyPLxZdNFo8EcI4WMtjUfLKhTMWXL9l3AGb_iE1oc9jnedIKzpTRWkV00JjrH4kYzrTaJq2xgo5Ut-kzIX6ZSqXwqiOgoHIzop8RzOMZmU88v5sbv5GvX4VBHD5HEOsKuFHyPawU92jCVWnjxGtKtKM1ZQxt69-UfHpedk-uYif-JyV3zh5On1hWFGu7mXwp_dqyCHXWu0283yLFeK509eof_zJa5IKksI1tPVnAJKyyc_mi-kwAjI0TEGyqFL1yI9V3kxQ0Ff2VXx3v5zFW8df3I1xgU-lNdPsvqF3Os-iaGbGbvCfvLRNrDaqlM6l4G7QFfYocoavJxS0zchn5LtO8O_apuHMWW66SmqY2JEt5X-HU4qoe8LIf4woqmANiqey-PoPh7bmyAqy0xWaR_iy5tKg3Sdi_Yl1ncM7WXIBDe_cb05BD56pBBYgzRpD9rLK_VoTns0AHMrKryIMR8CV5ESHnPl5qIFtB8ZoQr31ebLDvL9OSJctPRl8CwiyMDVnT_Hjn3EOU8fruaF5Q-Qp95J-KJGgFP8y6wFuiH6ebLTwOfdSMQGY0VqCK4qR2oxvYc1wdjFtQ45zJgOm3gh0acW47CoP_G0fQTiEYfxGUpFA7KjZQphO39hrGd4lC_IKjShdf0bZv57dIMM5D8CxhCzyktVE02x5X27N1o1HFI0WQUYmR4bjA2Yic9_ihIg3FH-y5Lf57unYGtnldAUjWWZ9Jb0P1Rgzj7VFVFG1mB4rmXhAKv4uMxwV3ccH5U29opQW0Y0bHr0t5jVU3ilm6l9NApTml-J8OG2gNxVhYtxLcbjS80GeqHAs7tCgM6-nchPAiFse-Vr6B0cRpiH1ChhvzZ4x__jDc01owjfu_LYMHpBpk0qdwXqa5VdnAYEklvCYN1X6Ndv111Qb4ap3G7G7Z9Fsupn7CFv_KEpG-Y14EYuqPI9fM2PgYLdLnc1swH5b-D8ptt46ZGJg0SadgfuFfUVYzfSq-dQX-eposqalSwzuckmUupcxpXta1G8t5BC7k7YZDpGkPWH7vdgR_9EDaG-0VrKTU1rCpSQk8aiG_GhUzeBJP1eMtTQzW-c2CQwPtyTIwxsA3OGU6iWg6DaYx9Qxmcfc_qH68Es5A5YWXS2IV0NcKQb2darfOfEzQXYQd3_8QPb_ewp-bp9Z09wSpCC6PnpQY-_iIdwayjDo6t4GHSz7IZGhmvOs7yuI084DqJ9cQzgIqpAWmkUmf8KU30nXyQt-X1IMFQ_XCT5F2vf1TQ9T9kZ14XpTuhQ_7saGQtyZ6UDZ9AlKOiIvYKYGCnl4od-WEjYAAhQJyzmKssWQRs5iFoG84Ei32YIKQY2X95F-jCO2cW8OwBkX5dxCpdEE1HguRdNhu0j03j-gADyxj8uUeT_jCOcAtZ47ZB8l8pIEOVH5l7rfzfV0GYYq4KrD9RJEIUfrCNSfvGhVuyF2posA0D33EZZNeVubFDUWhXyjtPfSAsyd_EDG-wIzhRRhLB7oSueBXf_0zQJSKldwPAVysgAesfLJvczS1LsooUC5xnzn4is99bApZd7GkHX0X4XGF11VdMlKrKqXKG8aziIQWafCh8OAA5F1n5U3FPjGGWCgrVphF2G0MrefpNubHKa9VFIZPGfyFmb-90c2VZJ0BTdnXqd7IEtGaC8mjMcCT6GBrhe9oJz38smto-A6udYKI3yo25Ra663sTj2qhxuuPnuo_3AtivpKY4wExZALEGIENvYSY9NgxJURI2h0VlyNhxq3ocoEPE63NRlOvkZF2LrZsFxST57hJnUl4X0WifnE0rgiPzlQMEFUWJ9JwCWmt_32WfPxCnLJaOlHEzMwpnAAQf6SfJ-7ovvjGT1gt8wg9ztTGHLny0uyXJmxKtnUCvnL5CKqIzfTeujGC_HMftNJuElsAeFYMBhz4ljqnE1Je9E7y4MWs7H5IKbrMg6RxzPwrtRqxonM7THpWSJHr5TQfu2jtAu2ZnEj3068DMqPdBxMie_Q_Q4T29CADpMwaPgD5x1cKLIsMdAUog0eYVtxq3S0dB19Zq2YZoC1_n5SLpYvttz3wAQioDihGgM3Nn77pjhCYf_EjLhH1P2Y65oQpogiWU7mgmQgmpuudUjxcvC9Sae98dnTrdORgZXb4PRUnk9q4FIkuJs0tj7Fb431JVU0VEF-HaT8QmPmTPIQriQFVulwPLwAfreQm0K2YE0lPNUWaKj5JHQqdOfixnf0KchA5axduS9rxS58S566FeKpSAfV8GMH-h07Nv0OzM4zpncZybDKbOvugmK8yE7RRie6-cEW98wxYmMZj_Qw9XK6iT8hKbjb5X2NJk8Kusxm2VIymRegjamZqsBfKsWvHzNpZnJrqgjZ4TEUZFSqMNJBRg1RILRkTLn97CNbasrOYjSs2IVvwKu08q_cyAlQN0PAXDgdG-lmUQgKFVxgo1HgCBG2DSie3Fr0Of7TvdV2SJCMHovFLV8FIjv7tigkuvCxkEOPzC2jf9o0nXsaQd1OfgoF98EqiylcXWtxJxuNJQ1xPI636p-13f1LCVwUd3YRevl2_4W7f-QBmIE-wNKrBRCDabFGaEJVow_VNJGqlStJO8Oz8EHed5-ONKBCvo9gDiec_2Lvq3IPk4Iy8UXxlKUBhLYZLsdSgUhvHGX8MfHItnr1tjU6yqAXTnhFwXOQASbAlcjmmkw8z74tsTPb-Eo_fAcZjx0XoY9JVmvP7cdN2kVfisTI_0wZO9xXlNpOMGtfBm8gCkaUdY7GAEvk7bKQdr_&pr=8:51D8DC1BA80BDA64&cid=CAASBORovhs&rfl=1%2Chttp%253A%252F%252Fhyperurl.co%252Fnpa1%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
67286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 13:43:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9289 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstb1EfO3hvIWZk0ab-WDengL67iJUjTaSJ2w2XUJaVqXS9S_Bvng2vdOSZLsrkO3lPcjODJYx7e3TUrgKWy13LEjNxs8fSmj7OFiKhJ-17u6bAERIYPMqUef2wzlMSbdKMziw_x1G6P6F1o0iAKEj-eXAYZ4XqDtngmG4X-XypwE_aw2a2LIWBKwAVDqaRG14KUcb4O6jMwiUI3MmYPOXqCuaRNI0XW81y0CMtQTWcehZGDdfh09RUqNWNf2Wlak2pLvJ8YYLJvquuzdAT36i4Z5IXKWOi6iapaHaxK2Mep_xHkmEtiYUcJK2Jbef4DSyKwH9ZtYVJfpNvpkIkjF6lUh7vtZncKT6irbmsajpgE0EPcmaOhFUUtIp0Q8CRGp1D__xxCSSUh7ZCDWAHnEGr2awDzgaff6L7kY6orFmNvlKNSd-9l4V5kISpgf96i_zSeS4n1hPwPjvj8XNgn1NkhlAz6QHuZVwWvcm0jRmj6VOaK5V5byi2DHNeYlU9SI2flwY2iFul29Y39zN-VZ1g-URGyLvrNAXVq_GLPvzgUH2-e6RQroh6sC_ukZVkPrwUSNJp6Br0NaJiZzsAdFl2BJ2U-kwZ0b3YNYqfqj8BpBIUHmA2cYZwQw2UZ3hk5HoALe4-_NhpErfrD-RTYHVVwQwUhTGT8kMX62D__jxLpH28r8Udih_7Zq00s7OGFPxUttsMpWQAWFDmch8c3DmJKohs9MEYnU9cmz81njvzrVLsS5nGE27YUFoHVwL6ulnOt5ot0MwSb-fNxl-QkK0G3fdknu77xaD3AJwkIML9Y2I-E2Cu8sRMVLTDSyl43lYRbQ_mcjr0zmFgXwjGSjESdhOfvzAslmXCA05ZeiNjdG-laCXbic3JrsjQvf8TuJOZ2xzqkOY5L2x5D0UgfGxgZZhXop-Ou_c1UWd9SDlP9Rs0WJSe335ZaXCriB8MoUg4mJtY4YxseuCNPZBc_oYYrDwfGho-zxZQnicojAZNpu5GIB8hPtTPOnlTM_d0gWds6dob36wHVfz1YF68IwZd91QyOfLHE2gzhWuRqBCPJ3CN4QP5BazBpZmxAGba2AP6IunOzme_8l4wCxO71WMjvRE0WnA&sai=AMfl-YTHQVHxIEhKR71h9TDB5gDdg0ojFjQvv2jv7SMvOTmWthozgvwbP6gdCw0nK2sWatj6KLALwCcofIK2lZNikAgCkpxgognql81p4PNcadDNw5nVQCBeTV-iQzXX3etl_BRZ4DATMg&sig=Cg0ArKJSzB0AyZTx5ctXEAE&uach_m=[UACH]&pr=8:51D8DC1BA80BDA64&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.54388&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTR5MXzEk28yCKDbHUAQEFMgafCID-kycrnuAP-MVb3QWTv36GaiG8eZ_lV5Runr9GtR2ry_ClrSzhn8hySpFo7HG995FGGLGbldLt5sADZneyBsV3bCPbReMaZ2hx_XfU77lNq0Jl3jU8wa_QaWmfFwJtUcTdWSHxJSujvfGhB8MaWsA&cry=1&dbm_d=AKAmf-ASK5yAu7dAwh3-mFFM03pYlDYKeuV5j8H5JpXMOu5x6IQqFpKtJWancAWiDBCm7_cugkC5-055q1QW9AdHKwUqCC48lDFMn-ongCRwahK6AK7ryuBQApVJkdnHADY8-sQOMU1mnQi4y43NYs1lz-Zb_QEYHYR0-7DZruIYC8_cmGXWLxa1M8VJg6woHJbSSZRKdT818y7sEtzvLQZC2FbIaw6OwJjAgHqNYFbtzPMwEFe7ZkCgb8xcLie-rhXAaaFStEYbmZ2vXVG0JQJYP8guEwxD1rnOLWpYVVbdoVFCQStMaD1TNzJ7cgBoTMnnboByCRPZLcMiQvx-MJmEjydi3QkyJBSuJBFP30tLGCIwSnHZQuwFYy9y4GtLiwFtwkmGtNOk3njAI_JwM_N1t72KQ7jQbg9PB8jPVkmHpkpimb5nvn3WFNapqSW1ojIAOQjVGGu6WBu1z52V_YSFiadBBoNfrz-eugCzC7_0tPPrrpSy3oHPufMgcDEq91zvln4D2ZppqhTPD3no_5mELjTOsJsIeZ73fzkaDEUm_J9-43_y0RXrac6g3v8QlzbsUOGb95y6k5xQULi3w8I6xxKZP9ndvKBgNJ78xxhW_p4nVkSyPLxZdNFo8EcI4WMtjUfLKhTMWXL9l3AGb_iE1oc9jnedIKzpTRWkV00JjrH4kYzrTaJq2xgo5Ut-kzIX6ZSqXwqiOgoHIzop8RzOMZmU88v5sbv5GvX4VBHD5HEOsKuFHyPawU92jCVWnjxGtKtKM1ZQxt69-UfHpedk-uYif-JyV3zh5On1hWFGu7mXwp_dqyCHXWu0283yLFeK509eof_zJa5IKksI1tPVnAJKyyc_mi-kwAjI0TEGyqFL1yI9V3kxQ0Ff2VXx3v5zFW8df3I1xgU-lNdPsvqF3Os-iaGbGbvCfvLRNrDaqlM6l4G7QFfYocoavJxS0zchn5LtO8O_apuHMWW66SmqY2JEt5X-HU4qoe8LIf4woqmANiqey-PoPh7bmyAqy0xWaR_iy5tKg3Sdi_Yl1ncM7WXIBDe_cb05BD56pBBYgzRpD9rLK_VoTns0AHMrKryIMR8CV5ESHnPl5qIFtB8ZoQr31ebLDvL9OSJctPRl8CwiyMDVnT_Hjn3EOU8fruaF5Q-Qp95J-KJGgFP8y6wFuiH6ebLTwOfdSMQGY0VqCK4qR2oxvYc1wdjFtQ45zJgOm3gh0acW47CoP_G0fQTiEYfxGUpFA7KjZQphO39hrGd4lC_IKjShdf0bZv57dIMM5D8CxhCzyktVE02x5X27N1o1HFI0WQUYmR4bjA2Yic9_ihIg3FH-y5Lf57unYGtnldAUjWWZ9Jb0P1Rgzj7VFVFG1mB4rmXhAKv4uMxwV3ccH5U29opQW0Y0bHr0t5jVU3ilm6l9NApTml-J8OG2gNxVhYtxLcbjS80GeqHAs7tCgM6-nchPAiFse-Vr6B0cRpiH1ChhvzZ4x__jDc01owjfu_LYMHpBpk0qdwXqa5VdnAYEklvCYN1X6Ndv111Qb4ap3G7G7Z9Fsupn7CFv_KEpG-Y14EYuqPI9fM2PgYLdLnc1swH5b-D8ptt46ZGJg0SadgfuFfUVYzfSq-dQX-eposqalSwzuckmUupcxpXta1G8t5BC7k7YZDpGkPWH7vdgR_9EDaG-0VrKTU1rCpSQk8aiG_GhUzeBJP1eMtTQzW-c2CQwPtyTIwxsA3OGU6iWg6DaYx9Qxmcfc_qH68Es5A5YWXS2IV0NcKQb2darfOfEzQXYQd3_8QPb_ewp-bp9Z09wSpCC6PnpQY-_iIdwayjDo6t4GHSz7IZGhmvOs7yuI084DqJ9cQzgIqpAWmkUmf8KU30nXyQt-X1IMFQ_XCT5F2vf1TQ9T9kZ14XpTuhQ_7saGQtyZ6UDZ9AlKOiIvYKYGCnl4od-WEjYAAhQJyzmKssWQRs5iFoG84Ei32YIKQY2X95F-jCO2cW8OwBkX5dxCpdEE1HguRdNhu0j03j-gADyxj8uUeT_jCOcAtZ47ZB8l8pIEOVH5l7rfzfV0GYYq4KrD9RJEIUfrCNSfvGhVuyF2posA0D33EZZNeVubFDUWhXyjtPfSAsyd_EDG-wIzhRRhLB7oSueBXf_0zQJSKldwPAVysgAesfLJvczS1LsooUC5xnzn4is99bApZd7GkHX0X4XGF11VdMlKrKqXKG8aziIQWafCh8OAA5F1n5U3FPjGGWCgrVphF2G0MrefpNubHKa9VFIZPGfyFmb-90c2VZJ0BTdnXqd7IEtGaC8mjMcCT6GBrhe9oJz38smto-A6udYKI3yo25Ra663sTj2qhxuuPnuo_3AtivpKY4wExZALEGIENvYSY9NgxJURI2h0VlyNhxq3ocoEPE63NRlOvkZF2LrZsFxST57hJnUl4X0WifnE0rgiPzlQMEFUWJ9JwCWmt_32WfPxCnLJaOlHEzMwpnAAQf6SfJ-7ovvjGT1gt8wg9ztTGHLny0uyXJmxKtnUCvnL5CKqIzfTeujGC_HMftNJuElsAeFYMBhz4ljqnE1Je9E7y4MWs7H5IKbrMg6RxzPwrtRqxonM7THpWSJHr5TQfu2jtAu2ZnEj3068DMqPdBxMie_Q_Q4T29CADpMwaPgD5x1cKLIsMdAUog0eYVtxq3S0dB19Zq2YZoC1_n5SLpYvttz3wAQioDihGgM3Nn77pjhCYf_EjLhH1P2Y65oQpogiWU7mgmQgmpuudUjxcvC9Sae98dnTrdORgZXb4PRUnk9q4FIkuJs0tj7Fb431JVU0VEF-HaT8QmPmTPIQriQFVulwPLwAfreQm0K2YE0lPNUWaKj5JHQqdOfixnf0KchA5axduS9rxS58S566FeKpSAfV8GMH-h07Nv0OzM4zpncZybDKbOvugmK8yE7RRie6-cEW98wxYmMZj_Qw9XK6iT8hKbjb5X2NJk8Kusxm2VIymRegjamZqsBfKsWvHzNpZnJrqgjZ4TEUZFSqMNJBRg1RILRkTLn97CNbasrOYjSs2IVvwKu08q_cyAlQN0PAXDgdG-lmUQgKFVxgo1HgCBG2DSie3Fr0Of7TvdV2SJCMHovFLV8FIjv7tigkuvCxkEOPzC2jf9o0nXsaQd1OfgoF98EqiylcXWtxJxuNJQ1xPI636p-13f1LCVwUd3YRevl2_4W7f-QBmIE-wNKrBRCDabFGaEJVow_VNJGqlStJO8Oz8EHed5-ONKBCvo9gDiec_2Lvq3IPk4Iy8UXxlKUBhLYZLsdSgUhvHGX8MfHItnr1tjU6yqAXTnhFwXOQASbAlcjmmkw8z74tsTPb-Eo_fAcZjx0XoY9JVmvP7cdN2kVfisTI_0wZO9xXlNpOMGtfBm8gCkaUdY7GAEvk7bKQdr_&pr=8:51D8DC1BA80BDA64&cid=CAASBORovhs&rfl=1%2Chttp%253A%252F%252Fhyperurl.co%252Fnpa1%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 19 Nov 2022 08:25:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 08:25:18 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9289 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTR5MXzEk28yCKDbHUAQEFMgafCID-kycrnuAP-MVb3QWTv36GaiG8eZ_lV5Runr9GtR2ry_ClrSzhn8hySpFo7HG995FGGLGbldLt5sADZneyBsV3bCPbReMaZ2hx_XfU77lNq0Jl3jU8wa_QaWmfFwJtUcTdWSHxJSujvfGhB8MaWsA&cry=1&dbm_d=AKAmf-ASK5yAu7dAwh3-mFFM03pYlDYKeuV5j8H5JpXMOu5x6IQqFpKtJWancAWiDBCm7_cugkC5-055q1QW9AdHKwUqCC48lDFMn-ongCRwahK6AK7ryuBQApVJkdnHADY8-sQOMU1mnQi4y43NYs1lz-Zb_QEYHYR0-7DZruIYC8_cmGXWLxa1M8VJg6woHJbSSZRKdT818y7sEtzvLQZC2FbIaw6OwJjAgHqNYFbtzPMwEFe7ZkCgb8xcLie-rhXAaaFStEYbmZ2vXVG0JQJYP8guEwxD1rnOLWpYVVbdoVFCQStMaD1TNzJ7cgBoTMnnboByCRPZLcMiQvx-MJmEjydi3QkyJBSuJBFP30tLGCIwSnHZQuwFYy9y4GtLiwFtwkmGtNOk3njAI_JwM_N1t72KQ7jQbg9PB8jPVkmHpkpimb5nvn3WFNapqSW1ojIAOQjVGGu6WBu1z52V_YSFiadBBoNfrz-eugCzC7_0tPPrrpSy3oHPufMgcDEq91zvln4D2ZppqhTPD3no_5mELjTOsJsIeZ73fzkaDEUm_J9-43_y0RXrac6g3v8QlzbsUOGb95y6k5xQULi3w8I6xxKZP9ndvKBgNJ78xxhW_p4nVkSyPLxZdNFo8EcI4WMtjUfLKhTMWXL9l3AGb_iE1oc9jnedIKzpTRWkV00JjrH4kYzrTaJq2xgo5Ut-kzIX6ZSqXwqiOgoHIzop8RzOMZmU88v5sbv5GvX4VBHD5HEOsKuFHyPawU92jCVWnjxGtKtKM1ZQxt69-UfHpedk-uYif-JyV3zh5On1hWFGu7mXwp_dqyCHXWu0283yLFeK509eof_zJa5IKksI1tPVnAJKyyc_mi-kwAjI0TEGyqFL1yI9V3kxQ0Ff2VXx3v5zFW8df3I1xgU-lNdPsvqF3Os-iaGbGbvCfvLRNrDaqlM6l4G7QFfYocoavJxS0zchn5LtO8O_apuHMWW66SmqY2JEt5X-HU4qoe8LIf4woqmANiqey-PoPh7bmyAqy0xWaR_iy5tKg3Sdi_Yl1ncM7WXIBDe_cb05BD56pBBYgzRpD9rLK_VoTns0AHMrKryIMR8CV5ESHnPl5qIFtB8ZoQr31ebLDvL9OSJctPRl8CwiyMDVnT_Hjn3EOU8fruaF5Q-Qp95J-KJGgFP8y6wFuiH6ebLTwOfdSMQGY0VqCK4qR2oxvYc1wdjFtQ45zJgOm3gh0acW47CoP_G0fQTiEYfxGUpFA7KjZQphO39hrGd4lC_IKjShdf0bZv57dIMM5D8CxhCzyktVE02x5X27N1o1HFI0WQUYmR4bjA2Yic9_ihIg3FH-y5Lf57unYGtnldAUjWWZ9Jb0P1Rgzj7VFVFG1mB4rmXhAKv4uMxwV3ccH5U29opQW0Y0bHr0t5jVU3ilm6l9NApTml-J8OG2gNxVhYtxLcbjS80GeqHAs7tCgM6-nchPAiFse-Vr6B0cRpiH1ChhvzZ4x__jDc01owjfu_LYMHpBpk0qdwXqa5VdnAYEklvCYN1X6Ndv111Qb4ap3G7G7Z9Fsupn7CFv_KEpG-Y14EYuqPI9fM2PgYLdLnc1swH5b-D8ptt46ZGJg0SadgfuFfUVYzfSq-dQX-eposqalSwzuckmUupcxpXta1G8t5BC7k7YZDpGkPWH7vdgR_9EDaG-0VrKTU1rCpSQk8aiG_GhUzeBJP1eMtTQzW-c2CQwPtyTIwxsA3OGU6iWg6DaYx9Qxmcfc_qH68Es5A5YWXS2IV0NcKQb2darfOfEzQXYQd3_8QPb_ewp-bp9Z09wSpCC6PnpQY-_iIdwayjDo6t4GHSz7IZGhmvOs7yuI084DqJ9cQzgIqpAWmkUmf8KU30nXyQt-X1IMFQ_XCT5F2vf1TQ9T9kZ14XpTuhQ_7saGQtyZ6UDZ9AlKOiIvYKYGCnl4od-WEjYAAhQJyzmKssWQRs5iFoG84Ei32YIKQY2X95F-jCO2cW8OwBkX5dxCpdEE1HguRdNhu0j03j-gADyxj8uUeT_jCOcAtZ47ZB8l8pIEOVH5l7rfzfV0GYYq4KrD9RJEIUfrCNSfvGhVuyF2posA0D33EZZNeVubFDUWhXyjtPfSAsyd_EDG-wIzhRRhLB7oSueBXf_0zQJSKldwPAVysgAesfLJvczS1LsooUC5xnzn4is99bApZd7GkHX0X4XGF11VdMlKrKqXKG8aziIQWafCh8OAA5F1n5U3FPjGGWCgrVphF2G0MrefpNubHKa9VFIZPGfyFmb-90c2VZJ0BTdnXqd7IEtGaC8mjMcCT6GBrhe9oJz38smto-A6udYKI3yo25Ra663sTj2qhxuuPnuo_3AtivpKY4wExZALEGIENvYSY9NgxJURI2h0VlyNhxq3ocoEPE63NRlOvkZF2LrZsFxST57hJnUl4X0WifnE0rgiPzlQMEFUWJ9JwCWmt_32WfPxCnLJaOlHEzMwpnAAQf6SfJ-7ovvjGT1gt8wg9ztTGHLny0uyXJmxKtnUCvnL5CKqIzfTeujGC_HMftNJuElsAeFYMBhz4ljqnE1Je9E7y4MWs7H5IKbrMg6RxzPwrtRqxonM7THpWSJHr5TQfu2jtAu2ZnEj3068DMqPdBxMie_Q_Q4T29CADpMwaPgD5x1cKLIsMdAUog0eYVtxq3S0dB19Zq2YZoC1_n5SLpYvttz3wAQioDihGgM3Nn77pjhCYf_EjLhH1P2Y65oQpogiWU7mgmQgmpuudUjxcvC9Sae98dnTrdORgZXb4PRUnk9q4FIkuJs0tj7Fb431JVU0VEF-HaT8QmPmTPIQriQFVulwPLwAfreQm0K2YE0lPNUWaKj5JHQqdOfixnf0KchA5axduS9rxS58S566FeKpSAfV8GMH-h07Nv0OzM4zpncZybDKbOvugmK8yE7RRie6-cEW98wxYmMZj_Qw9XK6iT8hKbjb5X2NJk8Kusxm2VIymRegjamZqsBfKsWvHzNpZnJrqgjZ4TEUZFSqMNJBRg1RILRkTLn97CNbasrOYjSs2IVvwKu08q_cyAlQN0PAXDgdG-lmUQgKFVxgo1HgCBG2DSie3Fr0Of7TvdV2SJCMHovFLV8FIjv7tigkuvCxkEOPzC2jf9o0nXsaQd1OfgoF98EqiylcXWtxJxuNJQ1xPI636p-13f1LCVwUd3YRevl2_4W7f-QBmIE-wNKrBRCDabFGaEJVow_VNJGqlStJO8Oz8EHed5-ONKBCvo9gDiec_2Lvq3IPk4Iy8UXxlKUBhLYZLsdSgUhvHGX8MfHItnr1tjU6yqAXTnhFwXOQASbAlcjmmkw8z74tsTPb-Eo_fAcZjx0XoY9JVmvP7cdN2kVfisTI_0wZO9xXlNpOMGtfBm8gCkaUdY7GAEvk7bKQdr_&pr=8:51D8DC1BA80BDA64&cid=CAASBORovhs&rfl=1%2Chttp%253A%252F%252Fhyperurl.co%252Fnpa1%240
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 10:27:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
79089
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15207
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Vary
Accept-Encoding
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 18 Nov 2023 10:27:09 GMT
m
ad.yieldlab.net/ Frame BFB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENvfQ9EK8WAT0jHKP5ddKQc&google_cver=1
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENvfQ9EK8WAT0jHKP5ddKQc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENm359UDGIz3ptUBMAE&v=APEucNXrRXuW3zyp9Wb7aJ0Ou3vD3qBrZawuGzyNEAVakz9rrW09AB6P-1iWzJhq_rNAlwMT7FIWqN5Jb5m6esQ41Z6Iz4xdcoEITjsEf6bA-fheE37VJLAl6uhBDNpWIXjm3qnE9UGT1S7Q03T5qgBxELl4UL86c80JZO4vzU7luJWo3F8vBGw
Protocol
HTTP/1.1
Server
184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 08:25:18 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 18 Nov 2022 08:25:18 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENvfQ9EK8WAT0jHKP5ddKQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame BFB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGOCzFSgXhCpIkcFNWIamwQ&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGOCzFSgXhCpIkcFNWIamwQ&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENm359UDGIz3ptUBMAE&v=APEucNXrRXuW3zyp9Wb7aJ0Ou3vD3qBrZawuGzyNEAVakz9rrW09AB6P-1iWzJhq_rNAlwMT7FIWqN5Jb5m6esQ41Z6Iz4xdcoEITjsEf6bA-fheE37VJLAl6uhBDNpWIXjm3qnE9UGT1S7Q03T5qgBxELl4UL86c80JZO4vzU7luJWo3F8vBGw
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:18 GMT
last-modified
Wed, 10 Apr 2019 10:06:26 GMT
server
nginx
accept-ranges
bytes
etag
"5cadc022-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGOCzFSgXhCpIkcFNWIamwQ&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 93EC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://hyperurl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Nov 2022 08:25:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 9289 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
920efcc9adf2f72db76249243af4bdebfce620e765fb64fc7e2b4ac0ca79848e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3362 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hyperurl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
142124
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
8395
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy
cross-origin
Date
Thu, 17 Nov 2022 16:56:34 GMT
Expires
Fri, 17 Nov 2023 16:56:34 GMT
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server
sffe
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 3362 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 15 Nov 2022 11:14:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
335457
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15986
X-XSS-Protection
0
Last-Modified
Thu, 03 Nov 2022 09:28:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="botguard-scs"
Vary
Accept-Encoding
Report-To
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Wed, 15 Nov 2023 11:14:21 GMT
usync.js
eus.rubiconproject.com/ Frame 93EC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 08:25:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Nov 2022 05:41:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76525
Connection
keep-alive
Content-Length
10066
Expires
Sun, 20 Nov 2022 05:40:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9289 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstb1EfO3hvIWZk0ab-WDengL67iJUjTaSJ2w2XUJaVqXS9S_Bvng2vdOSZLsrkO3lPcjODJYx7e3TUrgKWy13LEjNxs8fSmj7OFiKhJ-17u6bAERIYPMqUef2wzlMSbdKMziw_x1G6P6F1o0iAKEj-eXAYZ4XqDtngmG4X-XypwE_aw2a2LIWBKwAVDqaRG14KUcb4O6jMwiUI3MmYPOXqCuaRNI0XW81y0CMtQTWcehZGDdfh09RUqNWNf2Wlak2pLvJ8YYLJvquuzdAT36i4Z5IXKWOi6iapaHaxK2Mep_xHkmEtiYUcJK2Jbef4DSyKwH9ZtYVJfpNvpkIkjF6lUh7vtZncKT6irbmsajpgE0EPcmaOhFUUtIp0Q8CRGp1D__xxCSSUh7ZCDWAHnEGr2awDzgaff6L7kY6orFmNvlKNSd-9l4V5kISpgf96i_zSeS4n1hPwPjvj8XNgn1NkhlAz6QHuZVwWvcm0jRmj6VOaK5V5byi2DHNeYlU9SI2flwY2iFul29Y39zN-VZ1g-URGyLvrNAXVq_GLPvzgUH2-e6RQroh6sC_ukZVkPrwUSNJp6Br0NaJiZzsAdFl2BJ2U-kwZ0b3YNYqfqj8BpBIUHmA2cYZwQw2UZ3hk5HoALe4-_NhpErfrD-RTYHVVwQwUhTGT8kMX62D__jxLpH28r8Udih_7Zq00s7OGFPxUttsMpWQAWFDmch8c3DmJKohs9MEYnU9cmz81njvzrVLsS5nGE27YUFoHVwL6ulnOt5ot0MwSb-fNxl-QkK0G3fdknu77xaD3AJwkIML9Y2I-E2Cu8sRMVLTDSyl43lYRbQ_mcjr0zmFgXwjGSjESdhOfvzAslmXCA05ZeiNjdG-laCXbic3JrsjQvf8TuJOZ2xzqkOY5L2x5D0UgfGxgZZhXop-Ou_c1UWd9SDlP9Rs0WJSe335ZaXCriB8MoUg4mJtY4YxseuCNPZBc_oYYrDwfGho-zxZQnicojAZNpu5GIB8hPtTPOnlTM_d0gWds6dob36wHVfz1YF68IwZd91QyOfLHE2gzhWuRqBCPJ3CN4QP5BazBpZmxAGba2AP6IunOzme_8l4wCxO71WMjvRE0WnA&sai=AMfl-YTHQVHxIEhKR71h9TDB5gDdg0ojFjQvv2jv7SMvOTmWthozgvwbP6gdCw0nK2sWatj6KLALwCcofIK2lZNikAgCkpxgognql81p4PNcadDNw5nVQCBeTV-iQzXX3etl_BRZ4DATMg&sig=Cg0ArKJSzB0AyZTx5ctXEAE&uach_m=[UACH]&pr=8:51D8DC1BA80BDA64&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&vt=11&dtpt=189&dett=2&cstd=0&cisv=r20221110.54388&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTR5MXzEk28yCKDbHUAQEFMgafCID-kycrnuAP-MVb3QWTv36GaiG8eZ_lV5Runr9GtR2ry_ClrSzhn8hySpFo7HG995FGGLGbldLt5sADZneyBsV3bCPbReMaZ2hx_XfU77lNq0Jl3jU8wa_QaWmfFwJtUcTdWSHxJSujvfGhB8MaWsA&cry=1&dbm_d=AKAmf-ASK5yAu7dAwh3-mFFM03pYlDYKeuV5j8H5JpXMOu5x6IQqFpKtJWancAWiDBCm7_cugkC5-055q1QW9AdHKwUqCC48lDFMn-ongCRwahK6AK7ryuBQApVJkdnHADY8-sQOMU1mnQi4y43NYs1lz-Zb_QEYHYR0-7DZruIYC8_cmGXWLxa1M8VJg6woHJbSSZRKdT818y7sEtzvLQZC2FbIaw6OwJjAgHqNYFbtzPMwEFe7ZkCgb8xcLie-rhXAaaFStEYbmZ2vXVG0JQJYP8guEwxD1rnOLWpYVVbdoVFCQStMaD1TNzJ7cgBoTMnnboByCRPZLcMiQvx-MJmEjydi3QkyJBSuJBFP30tLGCIwSnHZQuwFYy9y4GtLiwFtwkmGtNOk3njAI_JwM_N1t72KQ7jQbg9PB8jPVkmHpkpimb5nvn3WFNapqSW1ojIAOQjVGGu6WBu1z52V_YSFiadBBoNfrz-eugCzC7_0tPPrrpSy3oHPufMgcDEq91zvln4D2ZppqhTPD3no_5mELjTOsJsIeZ73fzkaDEUm_J9-43_y0RXrac6g3v8QlzbsUOGb95y6k5xQULi3w8I6xxKZP9ndvKBgNJ78xxhW_p4nVkSyPLxZdNFo8EcI4WMtjUfLKhTMWXL9l3AGb_iE1oc9jnedIKzpTRWkV00JjrH4kYzrTaJq2xgo5Ut-kzIX6ZSqXwqiOgoHIzop8RzOMZmU88v5sbv5GvX4VBHD5HEOsKuFHyPawU92jCVWnjxGtKtKM1ZQxt69-UfHpedk-uYif-JyV3zh5On1hWFGu7mXwp_dqyCHXWu0283yLFeK509eof_zJa5IKksI1tPVnAJKyyc_mi-kwAjI0TEGyqFL1yI9V3kxQ0Ff2VXx3v5zFW8df3I1xgU-lNdPsvqF3Os-iaGbGbvCfvLRNrDaqlM6l4G7QFfYocoavJxS0zchn5LtO8O_apuHMWW66SmqY2JEt5X-HU4qoe8LIf4woqmANiqey-PoPh7bmyAqy0xWaR_iy5tKg3Sdi_Yl1ncM7WXIBDe_cb05BD56pBBYgzRpD9rLK_VoTns0AHMrKryIMR8CV5ESHnPl5qIFtB8ZoQr31ebLDvL9OSJctPRl8CwiyMDVnT_Hjn3EOU8fruaF5Q-Qp95J-KJGgFP8y6wFuiH6ebLTwOfdSMQGY0VqCK4qR2oxvYc1wdjFtQ45zJgOm3gh0acW47CoP_G0fQTiEYfxGUpFA7KjZQphO39hrGd4lC_IKjShdf0bZv57dIMM5D8CxhCzyktVE02x5X27N1o1HFI0WQUYmR4bjA2Yic9_ihIg3FH-y5Lf57unYGtnldAUjWWZ9Jb0P1Rgzj7VFVFG1mB4rmXhAKv4uMxwV3ccH5U29opQW0Y0bHr0t5jVU3ilm6l9NApTml-J8OG2gNxVhYtxLcbjS80GeqHAs7tCgM6-nchPAiFse-Vr6B0cRpiH1ChhvzZ4x__jDc01owjfu_LYMHpBpk0qdwXqa5VdnAYEklvCYN1X6Ndv111Qb4ap3G7G7Z9Fsupn7CFv_KEpG-Y14EYuqPI9fM2PgYLdLnc1swH5b-D8ptt46ZGJg0SadgfuFfUVYzfSq-dQX-eposqalSwzuckmUupcxpXta1G8t5BC7k7YZDpGkPWH7vdgR_9EDaG-0VrKTU1rCpSQk8aiG_GhUzeBJP1eMtTQzW-c2CQwPtyTIwxsA3OGU6iWg6DaYx9Qxmcfc_qH68Es5A5YWXS2IV0NcKQb2darfOfEzQXYQd3_8QPb_ewp-bp9Z09wSpCC6PnpQY-_iIdwayjDo6t4GHSz7IZGhmvOs7yuI084DqJ9cQzgIqpAWmkUmf8KU30nXyQt-X1IMFQ_XCT5F2vf1TQ9T9kZ14XpTuhQ_7saGQtyZ6UDZ9AlKOiIvYKYGCnl4od-WEjYAAhQJyzmKssWQRs5iFoG84Ei32YIKQY2X95F-jCO2cW8OwBkX5dxCpdEE1HguRdNhu0j03j-gADyxj8uUeT_jCOcAtZ47ZB8l8pIEOVH5l7rfzfV0GYYq4KrD9RJEIUfrCNSfvGhVuyF2posA0D33EZZNeVubFDUWhXyjtPfSAsyd_EDG-wIzhRRhLB7oSueBXf_0zQJSKldwPAVysgAesfLJvczS1LsooUC5xnzn4is99bApZd7GkHX0X4XGF11VdMlKrKqXKG8aziIQWafCh8OAA5F1n5U3FPjGGWCgrVphF2G0MrefpNubHKa9VFIZPGfyFmb-90c2VZJ0BTdnXqd7IEtGaC8mjMcCT6GBrhe9oJz38smto-A6udYKI3yo25Ra663sTj2qhxuuPnuo_3AtivpKY4wExZALEGIENvYSY9NgxJURI2h0VlyNhxq3ocoEPE63NRlOvkZF2LrZsFxST57hJnUl4X0WifnE0rgiPzlQMEFUWJ9JwCWmt_32WfPxCnLJaOlHEzMwpnAAQf6SfJ-7ovvjGT1gt8wg9ztTGHLny0uyXJmxKtnUCvnL5CKqIzfTeujGC_HMftNJuElsAeFYMBhz4ljqnE1Je9E7y4MWs7H5IKbrMg6RxzPwrtRqxonM7THpWSJHr5TQfu2jtAu2ZnEj3068DMqPdBxMie_Q_Q4T29CADpMwaPgD5x1cKLIsMdAUog0eYVtxq3S0dB19Zq2YZoC1_n5SLpYvttz3wAQioDihGgM3Nn77pjhCYf_EjLhH1P2Y65oQpogiWU7mgmQgmpuudUjxcvC9Sae98dnTrdORgZXb4PRUnk9q4FIkuJs0tj7Fb431JVU0VEF-HaT8QmPmTPIQriQFVulwPLwAfreQm0K2YE0lPNUWaKj5JHQqdOfixnf0KchA5axduS9rxS58S566FeKpSAfV8GMH-h07Nv0OzM4zpncZybDKbOvugmK8yE7RRie6-cEW98wxYmMZj_Qw9XK6iT8hKbjb5X2NJk8Kusxm2VIymRegjamZqsBfKsWvHzNpZnJrqgjZ4TEUZFSqMNJBRg1RILRkTLn97CNbasrOYjSs2IVvwKu08q_cyAlQN0PAXDgdG-lmUQgKFVxgo1HgCBG2DSie3Fr0Of7TvdV2SJCMHovFLV8FIjv7tigkuvCxkEOPzC2jf9o0nXsaQd1OfgoF98EqiylcXWtxJxuNJQ1xPI636p-13f1LCVwUd3YRevl2_4W7f-QBmIE-wNKrBRCDabFGaEJVow_VNJGqlStJO8Oz8EHed5-ONKBCvo9gDiec_2Lvq3IPk4Iy8UXxlKUBhLYZLsdSgUhvHGX8MfHItnr1tjU6yqAXTnhFwXOQASbAlcjmmkw8z74tsTPb-Eo_fAcZjx0XoY9JVmvP7cdN2kVfisTI_0wZO9xXlNpOMGtfBm8gCkaUdY7GAEvk7bKQdr_&pr=8:51D8DC1BA80BDA64&cid=CAASBORovhs&rfl=1%2Chttp%253A%252F%252Fhyperurl.co%252Fnpa1%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 08:25:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9289 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAC82upWldIxKaCvoU179zp_fkI-rmW0ZlfD0xuexDhAEQZhNqoq1bcLYhUCVX3XwFIw_wdrrIQMRrAOAIJU2BuuVgfAoQJErVTNuwIPCKNUCj8nGMfOMnlpJSFCTTqcg9qdYc8xFKRVrtOX2eiGjWYBA_EhjbKs21qoruoR67VZjwhs4SflslW1R3eo44Bc9ljdFom7l3rgepPDdfc2ex8GFTd0w_UZEPwlvLr8TGp4m3iw_k_ddxguM5FgXeN6Qqn-ooFKTFBjzhN9XZ-PrDmzpzkClK3zRxPWnxDW5iSlhKr8S58c-ENR60ApILjQKioicSqsMqR3kMj_TJtiU&sai=AMfl-YQmTZzCPlj08ZzIu04_gwdDENy22YQp-Panani7bWuzfGzD5ECMvQOmA1tQdxsQ1pH7kQF8xCpFbVuA9cePmKGmO6f00CI6WDtM6tJCWAI8S57BREm5tXQTCd4ono1Ucc26gzD6qfp8oMhJ7t4xqTY&sig=Cg0ArKJSzKEAh9xY0oMDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 08:25:18 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 93EC 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 93EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dDIbNq-kULozAtU25bP1eg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=511458180678261548
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=511458180678261548
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 19 Nov 2022 08:25:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=511458180678261548
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 93EC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vpUIO8RlQs6dtiBw-eJjUA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vpUIO8RlQs6dtiBw-eJjUA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vpUIO8RlQs6dtiBw-eJjUA
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 08:25:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PA7KQ9BTTG54C0KWK1Q8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vpUIO8RlQs6dtiBw-eJjUA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 93EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTcyZDQ4ZjM5ZDFjMDM1YjliOGJmZmFmYjllYzkzOTIxNjJhZTY4MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTcyZDQ4ZjM5ZDFjMDM1YjliOGJmZmFmYjllYzkzOTIxNjJhZTY4MQ
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTcyZDQ4ZjM5ZDFjMDM1YjliOGJmZmFmYjllYzkzOTIxNjJhZTY4MQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 93EC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jjPtHbtdQcG7oWlufplOTg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jjPtHbtdQcG7oWlufplOTg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jjPtHbtdQcG7oWlufplOTg
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 08:25:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
93QPHY6YSCHS02XERK17
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jjPtHbtdQcG7oWlufplOTg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 93EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANO0C4S-I-61SR
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANO0C4S-I-61SR
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:25:18 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 44268D9E11534F73A066988E8ADB2C49 Ref B: FRAEDGE1818 Ref C: 2022-11-19T08:25:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtzpAD1Vg7zixr+iWXJQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANO0C4S-I-61SR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 93EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFOTzBDNFMtSS02MVNS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFOTzBDNFMtSS02MVNS
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFOTzBDNFMtSS02MVNS
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 93EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKw2hq_5uibdcfufs0UP45Q&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKw2hq_5uibdcfufs0UP45Q&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKw2hq_5uibdcfufs0UP45Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3362 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG8WP7pJ4Y57FB_GqrATAnJXIDwAAAAA4AeAEAg&bg=!3d6l3prNAAbvMpMzzzI7ACkAdvg8WjtunUx47SRu1nLA9r8sjW9V4sV0qoEMwKTGdxh_yohPUbFUWQIAAABFUgAAAANoAQcKAJV_JAKNRKj7Hl90xcSWAVOMQ_S4TyJ0oQ_Uh9k4IfjRKj87HscnoniNbJq5R-zJ216RDIlgzp1bLCoQW0UQkirdws8hSIAUmFqIjpv5LGxpQ3kBFKu8bt49p_zdQDu_WfJYTnYXvpM0aIclPQ195D26uR206LFmwikxAxDU6O5RfF3SuICAS4_fWuqNezS29zwQzZpiSJkCqjVRT3vVR9_IuRaALwerFaDao7uF0TaXT7GFz_uwG4zi_VQK7Cc5l6Z9nTaZ3weaCn59uLtNuytY-lNPq5BvZEZ1_8Xe0fx3Ei-FV_m6RGuITahuERjMXxMTdg9tUJwIekhdnE_ZhJKNOTxKnBD_MFpP1yhYuE9rByQpgcyViov1-8SC0Q1PWE2w6S5Ma2-0W98IXCFArRJLMzh1b5Bn6hRbhUzYplaqO9Bm4Rzvl34jGTIGJbLoR5bpi-KhXVYQEhtJ19HLyIcQHfCNJgCOz5Viik3WMy2_xq4bRnysDYSrA4lj6-ig5kwK3TBUtN7DmWJpM0_k1BaEre_i7p-CRfLs6cjeLum90vgDNUqx6XrCuHrIJNBuWyrj6doJOnFq32hXOYu3Ps1HMocKrEeFM0z5OUVidVgK_uQL49FR2DDHcOYTxznpMgu8vweF5WwCCGgGofgUVUX5JO3BK2h1GdHKZPf_w61_UTtkCczOl4XtwRRrj1o4epXZA8hDIwN7qEzD0BeDLmp9AqvHAN0VecMgGlQanj7UHISU5drVL-ygUlwk38MyucpcvT64DMspImMtAmubM6fiiJp6IQ6R7hTDtmliQrApznZ89ba7VhvdNLmZEYkR38qiOnfvRSnSiQ5Pso1_lkkUvIHMrdiMFH3rsbWcWsmY0j7FH6TGIEJBXnWWmtqfwAzXfdGyDYlLGY7pgHCdajsT6Re41UinMYaBIdw8TsotGlxMGEJp71uxH5NpAhE5qTv3EDQpEzonoAN9Rrf9_SdMNBiM5sSeQ5k8d5XzGUtp-eXPLS0rqT6HP3JKso-13rmvdmaKvoGND5nMvXwjwGgoMhSnhgY-oCuy2tSzbLenphJ2UTVPhVwfPEzc2IIDzAxhTPG5wCLHxAdYd8VY7osR8X8
Requested by
Host: hyperurl.co
URL: http://hyperurl.co/npa1
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 08:25:18 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1664818797363866&bg=!tLelt_PNAAbvMpMzzzI7ACkAdvg8Wn_JFXfi15c0jg9xd9dnkObndC2omP1YsfAn9mpZNG6iCEfC4wIAAABUUgAAAANoAQeZAqlP1u0fx-Bn1ljdgl5JPMvlUIFNwJiHa-07WFJMk1OkPUgA8uwki70o3PU892bodTjvyEMeGXpvqgSq_fO-dPvomdS4Nx_EBSIHIyesocQsC5rkobhjgERUm3_T3YRLoS48nx5f3si0fZsZA3gx3-ZXEBsqYVrSCBxH_WVohGMod_2BTypEHjCAQtiCGy6SQDKo5pLrJToMdPYMSpUsNgFrNcLw2lb4rtXxBDEaexCAQURDJf0cPRmv0EtPopOC0Iq3cSjXQePPeMaSKkaOyH6QKJzQPdXC_toShki1LELWbSdTtw_G19vClEjOpkdzEQ2qK8x6wcY6Py5mCVGUIY7mllFNvmqocaccJxx55lI6cYVZ0HF8z2Oyr-h1l2aKkDqHJlINrOshGLeH74zFkFCXAyKHg46-PlplgEok1rjFGn4aqqYgQMFr1vqJvX0l6ha53KexFV1HMsPlpLTyr0mLtl-BsDBYkhNZOXKfGytf9ARTHiiALzqdC2MjCXpojX30H7OOsOg3C_-69HDbwjU-RPdqvFVuinmTKt4hWEMoilk8HN5IFxmijKHg_KF0KwAN7QQUe9xmOid_jzJ8lo1SBBu42Zg-h7TPHSzpmzyY7fLUXt-qds4MsUvbAzKwJOHsIKbg3EoFoHZY2lf9dQZ5A_nUepYqhrTx3CBHBOZBsZSKd2R09AfvzIHbAX0Hn5XltKK-A9MIIwCJH4HiJ0skSCKiDKLXXVwYru_Uec1JBq2LzvhpMBVkW_VtdKnmdk6KRF_pawpTPHi3ulfb2SCIVJ4dK_ofy14fZQaCkqhVrwUyUkpqeyvmXknXaugArBYxkfZ_mhdq8jo4rDicWr6kVYxjlUh6KbfpvZPJlRGN0WpwtqPn8joxb8w9nMH1AHhe6zuEOE5M66s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 3413 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1IdPS_rP7125dXsNw6V6gXFFsHGNWRnQvyhj6S1rsSkUlRsHh-29IW6SMCMIV2IXws3mp9AmOGhMFp_YuduheNUM-Umj5VGk7Y9oMSeLepLO7VdxC&sig=Cg0ArKJSzMXsU8wThfoVEAE&id=lidar2&mcvt=1000&p=0,8,1200,1608&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2642735821&rs=4&la=1&cr=0&vs=4&r=v&rst=1668846317675&rpt=271&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9289 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1O6CuyiDhBF8NpmCJgOUz9sXnSMV_tMAY5CV_-Lde25TVIAIS1ybVCP659jL3pWqOfWTaWL2ic893Ikme-Ro9fmegadsNZrFe1IF8NOuUAZOrPfam&sig=Cg0ArKJSzLVoKeVZ56mREAE&id=lidar2&mcvt=1000&p=586,658,836,958&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2709597352&rs=4&la=0&cr=0&vs=4&r=v&rst=1668846317690&rpt=680&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9289 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPcmSGwkGcM3JRSw_IevUZhn_soNV6hgBeRQ4M9csWpQF8-3TMXddg73I0N5iixxdkz4MwVnlB-9MRe7Krf2QYqQCIBgcExqc&sig=Cg0ArKJSzJfR7gkiXPVNEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&vs=4&r=v&rst=1668846317690&rpt=684&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://hyperurl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 08:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
hyperurl.co/~/tr/event/ 		0
0
details
play.google.com/store/apps/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hyperurl.co
URL
http://hyperurl.co/~/tr/event/
Domain
play.google.com
URL
https://play.google.com/store/apps/details?id=com.nimble.nimblepay&hl=en

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| googletag object| linkfire object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| redirect object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.hyperurl.co/ Name: LF_session_60036bc34de490a5f05a0b50dde9c38d
Value: 1
.hyperurl.co/ Name: __gads
Value: ID=dd10d70bb2fd2070:T=1668846317:S=ALNI_MYhZ6biDBZ9Yh-kX7Ex9-65KF7p-Q
.hyperurl.co/ Name: __gpi
Value: UID=00000b227b625472:T=1668846317:RT=1668846317:S=ALNI_MZJMkKUwg_7kszv3F9AFrgFAzaV5g
.doubleclick.net/ Name: IDE
Value: AHWqTUm4heGy-OElkxQgxAHtXc7IW1Xoe79BZ0KkyI_iwq-hvI1d9aq9zaWWYXAJiIo
.rubiconproject.com/ Name: khaos
Value: LANO0C4S-I-61SR
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1vQJg4L0Shx7JGe4Ni1ThWK2euPP2lVg3CRi4Lg8bJK1n0Mxivg7HonDkamKrCKHvQQOZk5IWUHZOTKvnsirSQUN+/nvRkaHE=
.yieldlab.net/ Name: id
Value: fe062cef-22d7-40e0-9592-51522b5bddc7
.yahoo.com/ Name: A3
Value: d=AQABBO6SeGMCEE4c_fZzyLHaJ66sqsNH2U0FEgEBAQHkeWOCYwAAAAAA_eMAAA&S=AQAAAi5GJBn3GDKIPcpWf67LIzE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d5e862a7-644d-4fd5-8905-80462abbcf53"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njg4NDYzMTg7MjswMjGIvJ4fRhJZ9ZVzEbTF0KChrb0MmWc4GnXt5gVcaoExpw==
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2543:u=1:x=1:i=1668846318:t=1668932718:v=2:sig=AQGs001lqRjMoAqULaas364bLYK6hx_K"
.amazon-adsystem.com/ Name: ad-id
Value: A_ZSyigLN0awu5g-91EhjCE

1 Console Messages

Source Level URL
Text
other error URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7c25768b4d8e144217799bd5fbaaf7a5.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.yieldlab.net
ads.rubiconproject.com
adservice.google.com
adservice.google.de
beacon-fra2.rubiconproject.com
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hyperurl.co
match.adsrvr.org
pagead2.googlesyndication.com
pixel.rubiconproject.com
play.google.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
hyperurl.co
play.google.com
142.250.185.98
15.197.193.217
184.24.4.64
209.54.182.161
23.205.235.133
2602:803:c004:200::140
2602:803:c004:200::155
2606:4700::6810:5714
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2006
2a05:d018:d29:3602:2c64:3412:9e4:7e3a
37.157.4.28
52.202.79.76
67.220.228.201
69.173.144.138
96.16.141.156
080a229f6e235059f515133360312f814d43e5b1e8bcfd4cad9085ef1ea43e78
08ed954dc4ba27b5c312348ad2a35bf323a93cbe6b04653af06e03ecd7993f72
0a12a21818aebb9c5c131f76353069ad72ca4352258ba0156aecef0b8c84d6ea
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
271ad7686b0116c9ec9d8cea8f7a6f70cc208279d928f507bebb90775732aaf3
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c2157ad18dea8d8abf8edb8a1e42c76777e2c7262cd9716977ef295ec1b9b4b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
759b4cfc6edbcbd9eeeaaaa7bd3fe2a63cc1a2df2595cadf159888348008241a
76bab137e329053d4f9df7ad1685aede938d3db43ab6baf0b463b98be7d7e045
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
920efcc9adf2f72db76249243af4bdebfce620e765fb64fc7e2b4ac0ca79848e
9cb696e1ca174917f209150b8cdf6bfdf4c8a3dd8cfd0251970e1a26a3ab2fb5
9fe12f284af9fe6e9352f4937d2d66da332843728b8f4140354147497c942806
a2029697010cdf442eea110b24c9735fdacfa9219860ad6ed888b320d102e609
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
ad28c5d5781a90a99aa86a7757e5086ad68ae926cd36131e29df36782182d88f
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
ff07436146700dc38aa7153313a84ffb1b64eaf2988fb16eca0a3b6330771e40