ad.doubleclick.net Open in urlscan Pro
216.58.212.134 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_con...
Submission: On December 31 via manual (December 31st 2020, 4:29:25 pm UTC) from CA

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 216.58.212.134, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is ad.doubleclick.net.
TLS certificate: Issued by GTS CA 1O1 on November 10th 2020. Valid for: 3 months.

This is the only time ad.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
2	136.243.13.5 136.243.13.5	24940 (HETZNER-AS) (HETZNER-AS)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
5	136.243.12.34 136.243.12.34	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
19	9

1 216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.13.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h325.meetrics.de

s372.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.67 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s372.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.243.12.34 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h299.meetrics.de

dc299.s372.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	meetrics.net s372.meetrics.net dc299.s372.meetrics.net	3 KB
5	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	18 KB
3	doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	17 KB
2	2mdn.net s0.2mdn.net	39 KB
1	mxcdn.net s372.mxcdn.net	56 KB
1	googletagservices.com www.googletagservices.com	29 KB
19	6

	Domain	Requested by
5	dc299.s372.meetrics.net	ad.doubleclick.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	s372.meetrics.net	s0.2mdn.net s372.meetrics.net
2	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
2	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
2	pagead2.googlesyndication.com	ad.doubleclick.net
1	ade.googlesyndication.com
1	s372.mxcdn.net	s372.meetrics.net
1	www.googletagservices.com	ad.doubleclick.net
1	ad.doubleclick.net
19	10

This site contains no links.

Subject Issuer	Validity	Valid
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
meetrics.net Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2020-12-07` - `2021-12-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
Frame ID: 4DDD6EC81BE9BE84F15AB6E92D5817BB
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 820E0BE2C11CCC369BBEC19BBA45BE61
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/6342803/1607612173696/audi_audiSelectPlus11_q3_1_970x300.html
Frame ID: 322E6CAE465793F54A3FA4EA8CD9FE11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

19
Requests

100 %
HTTPS

44 %
IPv6

6
Domains

10
Subdomains

9
IPs

3
Countries

162 kB
Transfer

413 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqT... Show response
ad.doubleclick.net/ddm/adi/N444803.2133700WP/ 32 KB
16 KB 113ms
57ms Document
text/html 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

35cfbb5e9b74947a1754e85cefbbd90880b770cf662526d1f7e2a2980843ac62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 31 Dec 2020 16:29:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15919
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 31-Dec-2020 16:44:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/ 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jan 2021 16:05:47 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ 111 KB
39 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ad.doubleclick.net
Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8772
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jan 2021 14:02:54 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Thu, 31 Dec 2020 16:29:06 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 10:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21883
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Dec 2021 10:24:23 GMT

GET
H3-Q050 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 820E 0
0 34ms
20ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 31 Dec 2020 10:24:24 GMT
expires: Fri, 31 Dec 2021 10:24:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21882
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK mtrcs_622835.js Show response
s372.meetrics.net/bb-mx/prime/ 2 KB
2 KB 88ms
29ms Script
text/javascript 136.243.13.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.meetrics.net/bb-mx/prime/mtrcs_622835.js?pjid=622835&cpid=25020849&cid=142860783&place=288890851&site=3162956&adc=Audi&size=970x300&cb=691104974
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h325.meetrics.de
Software: nginx /
Resource Hash: c10b72a6205877381c9f62fea2c72b05dfdde24f8fe624434d02139fb10a08e9

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 16:29:06 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1205
Expires: Thu, 31 Dec 2020 16:29:05 GMT

GET
H3-Q050 200 audi_audiSelectPlus11_q3_1_970x300.html
s0.2mdn.net/6342803/1607612173696/ Frame 322E 0
0 33ms
20ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6342803/1607612173696/audi_audiSelectPlus11_q3_1_970x300.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /6342803/1607612173696/audi_audiSelectPlus11_q3_1_970x300.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2490
date: Wed, 30 Dec 2020 23:03:35 GMT
expires: Thu, 31 Dec 2020 23:03:35 GMT
last-modified: Thu, 10 Dec 2020 14:56:13 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 62731
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
683 B 110ms
58ms Other
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuL7vHtStaG81y6SyrYMToDy8YtjsvbB5HWbE7AnivcgpXGKn2PCWsmAAj3fQ61lQEaaWzPRZPvJAoFSr8Ie95WNMzpKodv1laS0Q6GlfvWUPgvpUcFbQ&sig=Cg0ArKJSzCnUoDi0d9QJEAE&urlfix=1&omid=0&rm=1&ctpt=66&cbvp=1&cstd=63&cisv=r20201203.73943&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 31 Dec 2020 16:29:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK mtrcs_622835.js Show response
s372.mxcdn.net/bb-mx/serve/ 145 KB
56 KB 77ms
25ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_622835.js
Requested by: Host: s372.meetrics.net
URL: https://s372.meetrics.net/bb-mx/prime/mtrcs_622835.js?pjid=622835&cpid=25020849&cid=142860783&place=288890851&site=3162956&adc=Audi&size=970x300&cb=691104974
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0f7711c86b13ab046c999372bb9916d7b867fdc6805ed8234644b5890c87f79b

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 16:29:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Dec 2020 15:27:00 GMT
Server: nginx
ETag: "\W00000565731607700420776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=76165
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 56573
Expires: Fri, 01 Jan 2021 13:38:31 GMT

GET
H/1.1 200
OK gettag Show response
s372.meetrics.net/bb-mxad/ 0
294 B 31ms
30ms Script
text/javascript 136.243.13.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.meetrics.net/bb-mxad/gettag
Requested by: Host: s372.meetrics.net
URL: https://s372.meetrics.net/bb-mx/prime/mtrcs_622835.js?pjid=622835&cpid=25020849&cid=142860783&place=288890851&site=3162956&adc=Audi&size=970x300&cb=691104974
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h325.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 16:29:06 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
55 B 58ms
58ms Other
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 31 Dec 2020 16:29:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK submit
dc299.s372.meetrics.net/bb-mx/ 43 B
291 B 81ms
27ms Image
image/gif 136.243.12.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc299.s372.meetrics.net/bb-mx/submit?/49LoBCAAATkzFdFAAAAAAAZwSwSAPAAAAAAAAAOAAAARksFAQtjFpBcNSA
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.34 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h299.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 16:29:06 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Thu, 31 Dec 2020 16:29:05 GMT

GET
H/1.1 200
OK data
dc299.s372.meetrics.net/ 43 B
308 B 81ms
27ms Image
image/gif 136.243.12.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc299.s372.meetrics.net/data?/49LoCCAAA/whFtTo0F0wFz6BvvAhkFukEv1FisFljFspFjrFuuEl0FvkEktFvhEkpFvOE00A04AwzAuyAxzAz3AwwAXQFvCEy1AwyAw4A05AuyA44A45Aw4A1xA7kEjfF2lFy9B23AuxA5xA7zE69B53Aw4EzwAw7AvzFksF9xA71EfzFk9BxuAy1A7nEkwFyfFjvFuzFluF09BDPF4RE6KFZPF4RE6KFZCFJBFDDFQMFBtBDnFBQFfBFBIFfBFBCF1ZEHtB0kFfYFfmFizB5qEtfE15Af5B0wBlZFxmE5fE3fE2yBw6EqnFlkFztB4OE5kFfYFfMF4YE0tEN3B2CFz2AwxF0LE1SF0FE1zBMCFBRFGsFIPFIjFURFt3F2JErWFxUFQzFhrFyNEy3BOLFK3BQFFpuFNiFPyBkZFHIF0mFu5BWUF1aFLZF35A3zEffFf6FffFtfEffFffF35AmfFytBzfEzfE2wF5WEtnEivFBTFZhFs4BCGFtKFZ3FFrFwhEWRFvnFRoFYFFowBBJFBLFLFFZXFphF3nFKYFCUFzyFnJFfRFRNFBFFCxFBqFBpFCCFpDFqGFrFFBBFBBFBTFVSFBDFBIFnnFFRFCFFBnFBCFBDFwBFRnFBJFwBERXFBFFnZFCBFBLFBhFGnFCGFBFFJFFoCFrjFGSF5tFCBFSJF0GFCQFKXFBKFSjF3HEHFFJaFSRFBBFuZEBBFBBFBBFBBFBBFB7BnkFwyF9xA7hEkkF0sFfjFvuFzlFu0F9xA+zB5uA0zAu0A2uA11Au3AwuA45AuxAw4AuxAx3AuxAyyAuxA0zAuxA05AuxA2yAuxA23AuxA40AuxA52AuyAwyAuyAxxAuyAy4AuyA0xAuyA1zAuyA22AuyA3yAuzAxxAuzAyyAuzAy2AuzAy3AuzAz4AuzA41AuzA45Au0A0wAu0A04Au0A05Au0A1zAu0A4yAu0A42Au0A50Au0A51Au1AwxAu1AwzAu1Aw1Au1AyyAu1A0wAu1A30Au1A41Au1A43Au1A44Au3A01Au3A4wAu4A23Au4A30Au4A55Au5Aw0Au5AyyAu5AzxAu5A4xAuxAwzAxuAxwAzzAuxAw5AyuAxwA55AuxAxwA3uAxxAy2AuxAxyA3uAxxA3xAuxAywA1uAxyAx1AuxAy0A4uAxyA1yAuxAy4A2uAxyA5wAuxAzwAxuAxzAy5AuxA0xA5uAx0A12AuxA02A1uAx1Ax2AuxA10A4uAx1A14AuxA12A0uAx1A33AuxA21AzuAx3Ay1AuxA40A0uAx4A15AuxA43A4uAx4A45AuyAwxAzuAywA24AuyAw3AyuAyxAz3AuyAx0A1uAyxA33AuyAx3A5uAyyAx2AuyAy5A5uAyzAxyAuyAz1A5uAyzA3zAuyAz3A3uAy0AxxAuyA1wA0uAy1AxwAuyA10A0uAy1A23AuyA13AxuAy1A4zAuyA14A5uAy2Aw0AuyA2wA1uAy2Az0AuyA21A3uAy3Aw3AuyA3yA5uAy3Az5AuyA35A3uAy4AyyAuyA4yA3uAy4A23AuyA43A0uAy4A42AuyA44A3uAy4A45AuyA5wAxuAy5Aw4AuyA5xAxuAy5AyzAuyA5zA5uAy5A12AuyA53AzuAzwAw5AuzAwyA1uAzwAzzAuzAw1AzuAzwA32AuzAw3A3uAzwA34AuzAxwA4uAzxAy0AuzAxyA4uAzxAzwAuzAx5A07AkjFfhFkrF9yAwzA0wAw2AywA17AvyFk9BtnF4zAx2E7kEjfFymFs9BxsAo0F0wFzlBzBElyAGlByGE33F3uB3wFuwEslByGEkwA74Ek0F9wA7jEysF09BsmFh1BSWFu1AotB7jEtwFs9B47AnjFzyF9hE7zE00Fy9B00A7wEyjFs9BuBFTkzFARksFAQtjFtffVbA
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.34 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h299.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 16:29:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 31-Dec-20 16:29:05 GMT

GET
H/1.1 200
OK data
dc299.s372.meetrics.net/ 43 B
308 B 81ms
27ms Image
image/gif 136.243.12.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc299.s372.meetrics.net/data?/49LoDjAAAfpyF+k2FoywAywAtxAytAxxAtxA16Ay2At2AyyA4zA1tAyuAxyAxuAxtAhlF24AjyBwjEip6Ft2AwBEsp3Fx2Aw5A0zAyxA01A54AxBEjwtFuvFulFkqnFluFtVETBFLjlFBLlnFByqhFx2Aw5A0zAyxA02Ay2A32AyyA4zA1BE/k0FpBxgAwqFpkF92AyyA4zA1mAjwFpkF9yA1wAywA40A5mAjpFk9Bx0Ay4A2wA34AzmAwsFhjFl9By4A44A5wA41AxmAzpF0lF9zAx2Ay5A12AmhEkjF9BE1kFpmBzpF6lF95A3wA4zBwwAmjEi9B25AxxAw0A53A0BEMquFtBL2wFBLl1FCp2iFuvFfwFs1FnpFuzF/2xFfDylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0zF0vFyhFnlFpuFmvFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FylFx1FlzF0hFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FmpFslFz5Fz0FltFg3EpuFkvF3fF3lFirFp0FylFzvFs2FlsFvjFhsFmpFslFz5Fz0FltF1yFsgBjzFzfF3lFirFp0FgjEw1FfxB2gAyhFtfF4BEUkzFbBGDAAAAAAZwSwSABPBAAAAAAAABTp5AZdAAFAx8Ez8ExBEGAyzA2xAx1ArCBMAPAAAFAATp5TCBMAPBAAAAAAAAPY0mASksFwFbAAAAAAAAAAAAEAAATp5AAAAAAAIAy1AwyAw4A05AJAy4A44A5wA41AxBEHAzxA2yA51A2BEHA53Aw4EzwAwBEJAx0Ay4A2wA34AzBEEAB1FkpFdAAAAAAKPAsEAFAAACBMAAARBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB2zA0yA4wAzvAx2Aw3A2xAyxA3zA25A2vAh1FkpFfhF1kFpTFlsFljF0QFs1FzxBxfExzBfxBf5B3wA4zBwwAuoE0tFsBFDACBFOBFAAAAAAAAAAAAAAGAJGFSBFNFFdAAAAAAAZAwSAAAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFQtjFLvLpVA
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.34 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h299.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 16:29:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 31-Dec-20 16:29:05 GMT

GET
H/1.1 200
OK data
dc299.s372.meetrics.net/ 43 B
308 B 26ms
25ms Image
image/gif 136.243.12.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc299.s372.meetrics.net/data?/49LoEsDAAl2yFuvFfhFwpFKktFLkqFFlqwF2yAy4Az1ALl1FDKq1FKq2FMq3FuEMq4F0CKq6FLkqFKtkyB2yAy4Az1A6wEylF0pFtlF2qoFx2Aw5A0zAyxA01A54AxoE1yEw5Fw1FhqFxBFyqhFx2Aw5A0zAyxA02Ay2A32AyyA4zA1BE/k0FpBxgAwqFpkF92AyyA4zA1mAjwFpkF9yA1wAywA40A5mAjpFk9Bx0Ay4A2wA34AzmAwsFhjFl9By4A44A5wA41AxmAzpF0lF9zAx2Ay5A12AmhEkjF9BE1kFpmBzpF6lF95A3wA4zBwwAmjEi9B25AxxAw0A53A0BEOprFzDYCOqwFzDYClqwF2yAy4Az1ALkmFBTkzFPPgBAAZAwSAcAAAARksFAQtjFHWdmSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.34 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h299.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 16:29:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 31-Dec-20 16:29:05 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
94 B 15ms
14ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTpIqM_At1DURXkgzn1IubCkq7Apb8GHKFOI-uwixMxGzkh2g8E2S76pPnUdjJBSxMuDHT79WhLw&sig=Cg0ArKJSzMc0ho-DGKA_EAE&adk=2034006205&tt=-1&bs=1600%2C1200&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&p=0,0,300,970&mcvt=1020&rs=0&ht=0&tfs=116&tls=1136&mc=1&lte=-1&bas=0&bac=0&met=ie&la=1&avms=nio&niot_obs=11&niot_cbk=19&md=2&btr=0&cpmav=0&lm=2&rst&dlt&rpt&isd&msd=0&ps=1600%2C300&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1131&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=35&v=20201211

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 16:29:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
dc299.s372.meetrics.net/ 43 B
308 B 26ms
25ms Image
image/gif 136.243.12.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc299.s372.meetrics.net/data?/49LoFOOBAl2yFuvFfhFwpFTkzFARksFAQtjFsoRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.34 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h299.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 16:29:11 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 31-Dec-20 16:29:10 GMT

GET
H2 200 dc_oe=ChMI1qvs-tH47QIVUOO7CB0J4ws_EAAYACDvw49E;met=1;&timestamp=1609432156515;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ 42 B
254 B 58ms
56ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1qvs-tH47QIVUOO7CB0J4ws_EAAYACDvw49E;met=1;&timestamp=1609432156515;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N444803.2133700WP/B25020849.288890851;dc_ver=67.191;sz=970x300;osdl=1;u_sd=1.25;gdpr_consent=CO8QzJYO8QzJYBIACCPLA-CgAP_AAH_AAB5YG-td_X_fb39j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQFlHOHcTQmw6IkVqTPsak2Mr7NKJ7PEinMbO2dYGHtfn9VTuZKY797s___z__-_____79f_r-3_3_vp9V-gboASYal8BFmJYwEk0aVQogQhXEh0AIAKKEYWiawgJXBTsrgI_QQMAEBqAjAiBBiCjFkEAAAAASURACAHggEQBEAgABACpAQgAI0AQWAEgYBAAKAaFgBFAEIEhBkcFRymBARItFBPJWAJRc7GGEIZRQAA.YAAAAAAAAAAA;gdpr=1;addtl_consent=1~39.43.46.55.70.89.108.117.122.143.149.162.167.184.196.202.211.228.241.253.266.272.311.322.326.327.338.385.389.440.448.449.453.482.486.494.495.501.503.505.522.540.574.585.587.588.745.780.867.874.899.904.922.931.981.1031.1033.1092.1099.1107.1126.1127.1171.1205.1215.1248.1252.1286.1290.1301.1329.1419.1456.1465.1516.1548.1558.1564.1577.1653.1725.1844.1859.1878.1889.2013.2068.2072.2137.2145.2177.2179.2216.2299.2312.2359.2373.2377.2411.2504.2510.2544.2567.2571.2583.2589.2604.2605.2634.2657.2707.2729.2739.2797.2822.2827.2867.2874.2886.2887.2889.2901.2908.2911.2923.2939.2956.2973.3009.3025.3033.3053.3076.3077.3078.3108.3124.3128.3130.3194;dc_adk=2034006205;ord=mg831v;dc_rfl=1,https%3A%2F%2Fwww.wp.pl%2F$0;xdt=0;crlt=lfa5RV.5h-;cmpl=8;gcsr=a;sttr=44;prcl=n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 16:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 15:03:53	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
dc299.s372.meetrics.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
s372.meetrics.net
s372.mxcdn.net
tpc.googlesyndication.com
www.googletagservices.com
136.243.12.34
136.243.13.5
172.217.16.130
2.18.233.67
216.58.212.134
2a00:1450:4001:802::2006
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:81f::2001
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
0f7711c86b13ab046c999372bb9916d7b867fdc6805ed8234644b5890c87f79b
35cfbb5e9b74947a1754e85cefbbd90880b770cf662526d1f7e2a2980843ac62
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
c10b72a6205877381c9f62fea2c72b05dfdde24f8fe624434d02139fb10a08e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

ad.doubleclick.net Open in urlscan Pro 216.58.212.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

19 Requests

100 %HTTPS

44 %IPv6

6 Domains

10 Subdomains

9 IPs

3 Countries

162 kBTransfer

413 kBSize

1 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

ad.doubleclick.net Open in urlscan Pro
216.58.212.134 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

44 %
IPv6

6
Domains

10
Subdomains

9
IPs

3
Countries

162 kB
Transfer

413 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions