urlscan.io logo urlscan.io
SecurityTrails logo

adslots.dustclick.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://db2.lostcitysearch.com/
Effective URL: https://adslots.dustclick.com/
Submission: On May 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is adslots.dustclick.com.
TLS certificate: Issued by GTS CA 1P5 on April 26th 2023. Valid for: 3 months.
This is the only time adslots.dustclick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3032::ac43:b438 (United States)

ASN13335 (CLOUDFLARENET, US)
db2.lostcitysearch.com
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
detector.dustclick.com
adslots.dustclick.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
64706ee1b0e230f1651aa1dc65a6face.safeframe.googlesyndication.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
64706ee1b0e230f1651aa1dc65a6face.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
40 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
149 KB
3 dustclick.com
detector.dustclick.com
adslots.dustclick.com
2 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
531 B
1 lostcitysearch.com
db2.lostcitysearch.com — Cisco Umbrella Rank: 287944
786 B
17 6
Domain Requested by
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net adslots.dustclick.com
securepubads.g.doubleclick.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 detector.dustclick.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 64706ee1b0e230f1651aa1dc65a6face.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 adslots.dustclick.com detector.dustclick.com
1 db2.lostcitysearch.com 1 redirects
17 10

This site contains no links.

Subject Issuer Validity Valid
detector.dustclick.com
R3		 2023-04-25 -
2023-07-24		 3 months crt.sh
adslots.dustclick.com
GTS CA 1P5		 2023-04-26 -
2023-07-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://adslots.dustclick.com/
Frame ID: 425C47C023B91928A476D169611B0841
Requests: 11 HTTP requests in this frame

Frame: https://64706ee1b0e230f1651aa1dc65a6face.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 13D0FC067D0F95E0B0410C14123B86D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0073DD9644A09DAF7EEE0048114FF9CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 756E158FD1BD67BA5F26CF6976D43F0D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hello

Page URL History Show full URLs

  1. http://db2.lostcitysearch.com/ HTTP 302
    https://detector.dustclick.com/index.html?url=https%3A%2F%2Fadslots.dustclick.com%2F HTTP 308
    https://detector.dustclick.com/?url=https%3A%2F%2Fadslots.dustclick.com%2F Page URL
  2. https://adslots.dustclick.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

10
Subdomains

8
IPs

2
Countries

193 kB
Transfer

563 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://db2.lostcitysearch.com/ HTTP 302
    https://detector.dustclick.com/index.html?url=https%3A%2F%2Fadslots.dustclick.com%2F HTTP 308
    https://detector.dustclick.com/?url=https%3A%2F%2Fadslots.dustclick.com%2F Page URL
  2. https://adslots.dustclick.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://db2.lostcitysearch.com/ HTTP 302
  • https://detector.dustclick.com/index.html?url=https%3A%2F%2Fadslots.dustclick.com%2F HTTP 308
  • https://detector.dustclick.com/?url=https%3A%2F%2Fadslots.dustclick.com%2F

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
detector.dustclick.com/
Redirect Chain
  • http://db2.lostcitysearch.com/
  • https://detector.dustclick.com/index.html?url=https%3A%2F%2Fadslots.dustclick.com%2F
  • https://detector.dustclick.com/?url=https%3A%2F%2Fadslots.dustclick.com%2F
454 B
580 B 		Document
General
Check archive.org
Download Go to
Full URL
https://detector.dustclick.com/?url=https%3A%2F%2Fadslots.dustclick.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c19f1dfec5890d6-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 03 May 2023 16:40:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZciKlGB82EZPY3DNrTaclxOQ398n8HOkcPKvAOnp%2FhZpb%2BRfG7WtLcUpzjU2UI3mWd5XKUUWxvewi25On2xYwJ1USQzCLAYi2robKWWRzLBTmIWevwEvEMfeEnmxD5mKt7QaEVxGqqonrMkT%2Fa%2FUdukaYUeP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c19f1df7bf290d6-FRA
content-length
0
date
Wed, 03 May 2023 16:40:16 GMT
location
/?url=https%3A%2F%2Fadslots.dustclick.com%2F
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ym3JOcjM1OW0cN3MmJtKHAK2w3dXFOTbQTZc%2FefYPWQ4F9kWLoTccYwCBh1amdPb3%2FNCgxbm9Zl8NPn%2BvvkwCeuquX%2FB3xm8n3irwBII10sCTuun9c%2FXZgufg%2FncgH%2FJtnaoaZZGQSS97riJw7qL0ZYML%2BwX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Primary Request /
adslots.dustclick.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adslots.dustclick.com/
Requested by
Host: detector.dustclick.com
URL: https://detector.dustclick.com/?url=https%3A%2F%2Fadslots.dustclick.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e773216f612b88577ee782ecf4ec6c00c66c1e0cf55cfc68c3bbc93d869b4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://detector.dustclick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c19f1e109482c3f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 03 May 2023 16:40:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz81HqOhq0fx1KF3T6eauAYg7VZOlNsNNjniQGL%2BaPCt7tKGLi%2BVjOeJSHAD6bUlWCoSIa%2BRKTvU8e9Gml%2FxDJIvvbZjOo7bqng%2BeTBFpj2gibon%2Bf1gHJr3DpF5n9mF4IJ7DW270y7JCVOAn7vk4VXHUMM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adslots.dustclick.com
URL: https://adslots.dustclick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ad97e54b5bfa55068b9cc1fc58c2154fdcf90c28cf6d351af9aa37edae19a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24843
x-xss-protection
0
server
cafe
etag
201 / 19480 / 31074261 / config-hash: 14990455208619021522
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:40:17 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js?cb=31074261
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 15:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4235
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126154
x-xss-protection
0
server
cafe
etag
17925783384364415813
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 02 May 2024 15:29:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		91 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=adslots.dustclick.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42ed0f086e0bdb164ce3ca7504499d60541965c6b869f9c7bfe425f9d988b05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
x-xss-protection
0
expires
Wed, 03 May 2023 16:40:17 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adslots.dustclick.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js?cb=31074261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adslots.dustclick.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js?cb=31074261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		686 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2063624180950759&correlator=1343159335622975&eid=31074243%2C31074261%2C44780989%2C31068366%2C44789878&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fifs&iu_parts=22831606382%2Cgeneral%2Cgeneral-web&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1&fluid=height&ifi=1&adks=1860419796&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1683132017343&lmt=1683132017&dlt=1683132017010&idt=308&adxs=8&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fadslots.dustclick.com%2F&ref=https%3A%2F%2Fdetector.dustclick.com%2F&frm=20&vis=1&psz=1584x0&msz=1584x0&fws=0&ohw=0&ga_vid=1569137967.1683132017&ga_sid=1683132017&ga_hid=460896527&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js?cb=31074261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92ca1b1ed53ababb1f6b9315560b97b377dad51c29eef387e189b3ceb1ec0501
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
349
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adslots.dustclick.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
64706ee1b0e230f1651aa1dc65a6face.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 13D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64706ee1b0e230f1651aa1dc65a6face.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js?cb=31074261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adslots.dustclick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 16:40:17 GMT
expires
Thu, 02 May 2024 16:40:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js?cb=31074261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
128a04831679e9d54245183a30ebdbfbcce10a5070c2e18b7663551ad65ee5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11267
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js?cb=31074261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 May 2023 16:40:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0073 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adslots.dustclick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:58:36 GMT
expires
Thu, 02 May 2024 15:58:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 756E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e1875db55ae9b66da2a61be52224c043c12a68dfe475575da49ff20318e583b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aIy8mmKX0P8-4dnXiwC19g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adslots.dustclick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-aIy8mmKX0P8-4dnXiwC19g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 16:40:17 GMT
expires
Wed, 03 May 2023 16:40:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame 0073 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 14:21:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
8356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 14:21:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 756E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304270101&jk=2063624180950759&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0073 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uwSFYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 16:40:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304270101&jk=2063624180950759&bg=!aWqlaj7NAAYcDqajPA47ADkAdvg8WqVvLRowmP5v3EcS221adwzceltF0Y2R2XaxzrTHtBbCH5i8n0eTzAFXaaYRrw-hxxqji5wCAAAATFIAAAADaAEHmQLYt9ArOWxp2lq87EOZXeW0YH5KX6u7W0-_YwohujLh4Sml6kjxlXurMzOsj--9zN0BCmfVQaHJT4lJEW7ssuLyfs4lpuRahCLtMRyPFGqpIakrFc5jolfLOlLHub28g7nFDg1VAKBgWgfE57qGXUU4tMBPrArwZwXR-XaLCCE_79v6-Haf6FThnSMeOx6lEKSTP42Ryp83dG5Qpbk4SkibBNzhfiNfV6NXrFPYfL6jJHg3px6NrCyUFCOmrjy3VSULSV7tw2UxMe4nLJs80DSMxBHwOPN9MNoFoJ0ytmze2_RqVpjsUxVSJ1Fu3EeZ6Tmq65zoNd3qPl55SXBEcWOMcOQBIgWQDGlhCHi3E4D5i0et0DNxADJkrXxNwUAf-Dd9dcqgc8-7DYSDPQ8tmSFHS-Dls0OY3QmE751BS11762IyNOGffqgVoAkyyS8968IUK1iuY_Mk-uxen-miLvNPlq314YZtXvrYzCFfQssDNMwSGSIukqf72epbKbsONijNUpkjOx8Y3hHx6V0Fr6XVR4xIK0caeP8r2XSAWNmp3OzJ_cMx7IjgbcADMTKA_JdJWY01ktIviyPW5hlNTsT9JQRQoX-EKMfn3gpP5xnXCbYQ0DX0g4BAgnMMPNH8Mo74NRSEsxlj_2Y2V8V_-s-3FqKY7HCT4EmKWYf6bi7zcHrzpzmuDa7ffqZ1IKDhu6jMKR2jzHoDTfw3crjpKInN0BqzuCCUP5h50Wy_k2X5bgeEWRJKNUYDvMuOBCNoLHOrBtHMvk82bEOoFQEhW-d1yk26-hFTtWOHRNmF37IZMivkKtQPuWVWK3WLXAJ11zrioaQeAVay87tjrdPm0JqxlkTKV38aFqzzP9oXqpFBjyfiErXYizX398cCsRs6nNVSyoBrXe3-_HTicHuv1SGNAGE4leFrPwfgsWpZqWP8JCdXwp4TNLctFzBuoxcR9tE7gA4O_BylNTE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslots.dustclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dustclick.com/ Name: __gads
Value: ID=808e2f6fa500880c:T=1683132017:S=ALNI_MZc92SLKKa8WtvHGprOnvySkBclNg
.dustclick.com/ Name: __gpi
Value: UID=00000bf517f0998e:T=1683132017:RT=1683132017:S=ALNI_Ma9E_3z4gUEH7NCaxgCNQZvMG677g

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64706ee1b0e230f1651aa1dc65a6face.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adslots.dustclick.com
db2.lostcitysearch.com
detector.dustclick.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
2606:4700:3032::ac43:b438
2a00:1450:4001:806::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a06:98c1:3121::3
128a04831679e9d54245183a30ebdbfbcce10a5070c2e18b7663551ad65ee5dc
13ad97e54b5bfa55068b9cc1fc58c2154fdcf90c28cf6d351af9aa37edae19a5
1e1875db55ae9b66da2a61be52224c043c12a68dfe475575da49ff20318e583b
42ed0f086e0bdb164ce3ca7504499d60541965c6b869f9c7bfe425f9d988b05e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67e773216f612b88577ee782ecf4ec6c00c66c1e0cf55cfc68c3bbc93d869b4f
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
92ca1b1ed53ababb1f6b9315560b97b377dad51c29eef387e189b3ceb1ec0501
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855