s.yam.com Open in urlscan Pro
52.187.123.178  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

Request Chain 31

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUEBs4YokIqSz6E7PuP9CwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

Request Chain 33

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzc5MjQyMjk5NDM3MTk2Ng%3D%3D

Request Chain 62

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

• https://pixel.adsafeprotected.com/rfw/st/812943/56863858/skeleton.js?adsafe_url=http%3A%2F%2Fs.yam.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2675037296853968%26output%3Dhtml%26h%3D250%26slotname%3D4974166294%26adk%3D1989567528%26adf%3D1779873044%26pi%3Dt.ma~as.4974166294%26w%3D300%26lmt%3D1631650227%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fs.yam.com%252F%26flash%3D0%26wgl%3D1%26dt%3D1631650226667%26bpp%3D32%26bdt%3D684%26idt%3D373%26shv%3Dr20210908%26mjsv%3Dm202109130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D4230344363761%26frm%3D20%26pv%3D2%26ga_vid%3D1602004334.1631650227%26ga_sid%3D1631650227%26ga_hid%3D2101465248%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D3%26u_nmime%3D4%26adx%3D408%26ady%3D904%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066432%252C44748552%252C31062297%26oid%3D3%26pvsid%3D4025109234208774%26pem%3D99%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CleE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DbsxSM58ai8%26p%3Dhttp%253A%2F%2Fs.yam.com%26dtd%3D391&adsafe_type=d&adsafe_jsinfo=,id:1f14df21-3113-64a2-e28c-544f2d960486,c:odNi7z,sl:na,em:true,fr:false,thd:1,mn:app10ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:214,fm:sJ1c4CJ+11%7C12*.812943-56863858%7C121%7C122%7C1231%7C131%7C14%7C15%7C1611,idMap:12*,rp:n,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:228,oid:cdaa7c7a-1597-11ec-9336-0634eb268b40,v:19.8.243,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

Request Chain 79

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response s.yam.com/	16 KB 6 KB	366ms 175ms	Document text/html	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://s.yam.com/ Protocol HTTP/1.1 Server 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 7fbfc7831a5f8dfbe40f70c5d9e6798dcdcb83d7b860c5edfee3596cfdb6b176 Request headers Host s.yam.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/8.5 X-AspNetMvc-Version 5.2 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Tue, 14 Sep 2021 20:10:24 GMT Content-Length 5651
GET H/1.1	200 OK	css s.yam.com/Content/	139 KB 33 KB	320ms 177ms	Stylesheet text/css	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81 Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol HTTP/1.1 Server 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash c76b230a40cb927216612abe80a117c5546ec57111fb6b770d8fe67235815e6d Request headers Pragma no-cache Accept-Encoding gzip, deflate Host s.yam.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://s.yam.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 14 Sep 2021 20:10:25 GMT Content-Encoding gzip Last-Modified Tue, 14 Sep 2021 20:10:26 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent,Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Content-Length 33813 Expires Wed, 14 Sep 2022 20:10:26 GMT
GET H2	200	script.js Show response hanalytics.eu/js/	744 B 1 KB	83ms 14ms	Script application/javascript	104.21.16.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hanalytics.eu/js/script.js Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.16.115 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b6796587883d5e526fd374f0f496f60d7c50c3aa6959c0b7fd5f32fada4b12e Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:26 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3441 cf-polished origSize=746 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Sep 2021 19:47:47 GMT server cloudflare etag W/"2ea-5cb58ec70be84-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Host,Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hd%2Fc3EN4YHW5cOCaSB3raqOuFsmHNwAOG5v6G7MXIQg4qW2rPZORup79y%2BxRPrcZijnC7apgl4m8SpmaKQymLWbDsyFsUMYTOdSx%2F4P0m9E9z3QPN1ofhyVdaTxthnxx"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 68ec4238f911dfa9-FRA cf-bgj minify
GET H2	200	500_104.png img.yamedia.tw/2021/share/	15 KB 16 KB	957ms 23ms	Image image/png	104.21.61.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.yamedia.tw/2021/share/500_104.png Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ece5bf231dbbc2118d2ee8a8ecbb335bca176c4de344f67a881b88afe18414a Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Sep 2021 20:10:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-md5 3wycdh9BS9lBG+JCpucFVA== age 1417629 content-disposition alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 15707 x-ms-lease-state available x-ms-lease-status unlocked last-modified Tue, 09 Feb 2021 10:04:20 GMT server cloudflare etag "0x8D8CCE211CE3D43" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9y40EGN1BLxEKVLkYFf8jrhjQ8gJaWApYfMaNjeeFaKc5PrLmqaS32c3rZPS8INc7c42o2OnXOqxbQZQ2vaW2rltPhaOHaS%2BJPQmUcw5aRUcJCxPsuBWdwsBTYlxdvVAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png x-ms-request-id de66dd10-e01e-0009-681a-430315000000 cache-control max-age=5356800 x-ms-version 2014-02-14 accept-ranges bytes cf-ray 68ec423e69332b65-FRA
GET H2	200	loading.gif img.yamedia.tw/2021/share/	40 KB 41 KB	950ms 16ms	Image image/gif	104.21.61.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.yamedia.tw/2021/share/loading.gif Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.61.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b142d36d6f95d9384d3c6203b94af5689bf0027475806a0349efe1fc43aeb9 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Sep 2021 20:10:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-md5 AlOeK5j89stXWjZ5yAsFUw== age 1855803 content-disposition alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 41005 x-ms-lease-state available x-ms-lease-status unlocked last-modified Tue, 09 Feb 2021 01:44:21 GMT server cloudflare etag "0x8D8CC9C38BC7AED" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FWfFYK1phOfq8RR8Qb5aQgOqXfMYxn%2FvrVuJQvAZjVGfaU7heCeagDApGZYkI7C8Q4opwfxdgbdrmfFeshmBQJGpglxTCmrT1xi%2FRW4sjpvRJjONpmt1IRSaUhtbeGDqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-ms-request-id f212062e-201e-0014-7ec3-98daff000000 cache-control max-age=5356800 x-ms-version 2014-02-14 accept-ranges bytes cf-ray 68ec423e69362b65-FRA
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	136 KB 48 KB	78ms 55ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol HTTP/1.1 Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash 1947bbfa54a1079d10e73adaccdcc21952faa0d6d5929e567eee24f902076fd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Timing-Allow-Origin * Date Tue, 14 Sep 2021 20:10:26 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 6340949852821719840 Vary Accept-Encoding, Origin P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 48927 X-XSS-Protection 0 Expires Tue, 14 Sep 2021 20:10:26 GMT
POST H3	200	event Show response hanalytics.eu/api/	3 B 713 B	285ms 285ms	XHR text/html	104.21.16.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hanalytics.eu/api/event Requested by Host: hanalytics.eu URL: https://hanalytics.eu/js/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.115 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.23 Resource Hash 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf Request headers Referer http://s.yam.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json, text/javascript; charset=UTF-8 Response headers date Tue, 14 Sep 2021 20:10:26 GMT content-encoding br vary Origin,Host,Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache-key https://hanalytics.eu/api/event x-powered-by PHP/7.4.23 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-ratelimit-remaining 59 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwr09ogpGivRHC3ycF%2BcdnjtrMK0u1%2BfnjB7ir0%2FoglUAC7i8BYO4n4TlNdb%2BqpInwz2iUC%2FzK2Ev2Vi1ZrjwspKku%2FtJ6ev2iwJUFBxrHiJ7hl9caWnWbE9lI7VBBGP"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin http://s.yam.com cache-control no-cache, private access-control-allow-credentials true x-ratelimit-limit 60 cf-ray 68ec423a9ff005bf-FRA
OPTIONS H2	204	event hanalytics.eu/api/ Frame	0 0	236ms 219ms	Preflight	104.21.16.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hanalytics.eu/api/event Protocol H2 Server 104.21.16.115 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.23 Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://s.yam.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 14 Sep 2021 20:10:26 GMT x-powered-by PHP/7.4.23 cache-control no-cache, private access-control-allow-origin http://s.yam.com vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Host access-control-allow-credentials true access-control-allow-methods POST access-control-allow-headers content-type access-control-max-age 0 x-cache-key https://hanalytics.eu/api/event cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtwHOauPG86Fn4JELFz%2Bi4Zzn%2BbUXi%2B5VRjINJfxofn%2BNaOfRFhKLHsaavBgFFxsrReZCD6VON8i1ITdjp90%2BKHt7V%2Bs4SOP9EpulMaehgmitnpJLfPOeJON9OYswaj9"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 68ec42393a7c68f8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 961D	10 KB 5 KB	737ms 29ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210908/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://s.yam.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 14 Sep 2021 20:03:05 GMT expires Tue, 28 Sep 2021 20:03:05 GMT content-type text/html; charset=UTF-8 etag 13836150016441684253 x-content-type-options nosniff content-encoding gzip server cafe content-length 4591 x-xss-protection 0 age 441 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	default Show response s.yam.com/min/	141 KB 61 KB	180ms 180ms	Script text/javascript	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://s.yam.com/min/default?v=XZQUDHUAffRknvcSQvv8izAVzhjAqUudJ5KeuVE2Xxg1 Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol HTTP/1.1 Server 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash bfad1784c489a413b512e4f03923dd6cd991811c5c49263125aa6930196d7f4d Request headers Pragma no-cache Accept-Encoding gzip, deflate Host s.yam.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://s.yam.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 14 Sep 2021 20:10:25 GMT Content-Encoding gzip Last-Modified Tue, 14 Sep 2021 20:10:26 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent,Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public Content-Length 61682 Expires Wed, 14 Sep 2022 20:10:26 GMT
GET H2	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/	251 KB 93 KB	312ms 40ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash e43fa40c6832cda017315748d54516cc55c2d4785529f682248cd1f474389f3e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:26 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 94967 x-xss-protection 0 server cafe etag 3426842561966430038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 20:10:26 GMT
GET H/1.1	200 OK	glyphicons-halflings-regular.woff s.yam.com/fonts/	16 KB 16 KB	170ms 170ms	Font font/x-woff	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://s.yam.com/fonts/glyphicons-halflings-regular.woff Requested by Host: s.yam.com URL: http://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81 Protocol HTTP/1.1 Server 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af Request headers Pragma no-cache Origin http://s.yam.com Accept-Encoding gzip, deflate Host s.yam.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Cache-Control no-cache Referer http://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81 Connection keep-alive Referer http://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81 Origin http://s.yam.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 14 Sep 2021 20:10:25 GMT Last-Modified Thu, 17 Aug 2017 04:57:26 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "9c6d60521517d31:0" Content-Type font/x-woff Accept-Ranges bytes Content-Length 16448
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	242ms 18ms	Script text/javascript	216.58.212.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.238 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams16s22-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 1697 date Tue, 14 Sep 2021 19:42:09 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Tue, 14 Sep 2021 21:42:09 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	50ms 24ms	XHR text/plain	216.58.212.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2101465248&t=pageview&_s=1&dl=http%3A%2F%2Fs.yam.com%2F&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1867045584&gjid=957503574&cid=1602004334.1631650227&tid=UA-16227618-1&_gid=1921000120.1631650227&_r=1&_slc=1&z=109311075 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.238 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams16s22-in-f14.1e100.net Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://s.yam.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://s.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	197 B 653 B	99ms 28ms	Script text/javascript	216.58.212.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=s.yam.com&callback=_gfp_s_&client=ca-pub-2675037296853968 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s28-in-f2.1e100.net Software cafe / Resource Hash 9c0b2c4ffa111eb17a3253c78b826ffd6aa6606b3e4bde0dcc09664d4f0431db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 187 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	100ms 36ms	Script application/javascript	142.250.187.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=s.yam.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.187.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s33-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Tue, 14 Sep 2021 20:10:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 84C7	14 KB 8 KB	479ms 446ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash b9aef2f288f11148beec769f87e06ecec4e70669abc394478435f3f05a497b43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://s.yam.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 14 Sep 2021 20:10:27 GMT server cafe content-length 7776 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 14-Sep-2021 20:25:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 14 Sep 2021 20:10:27 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 28 KB	110ms 41ms	Script text/javascript	142.250.179.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.179.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s31-in-f2.1e100.net Software sffe / Resource Hash aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:27 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27627 x-xss-protection 0 server sffe etag "1631547519045135" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="active-view-scs-read-write-acl" expires Tue, 14 Sep 2021 20:10:27 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 427 B	48ms 14ms	XHR text/plain	74.125.206.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16227618-1&cid=1602004334.1631650227&jid=1867045584&gjid=957503574&_gid=1921000120.1631650227&_u=IEBAAEAAAAAAAC~&z=104196769 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.206.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wk-in-f155.1e100.net Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://s.yam.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 14 Sep 2021 20:10:27 GMT content-type text/plain access-control-allow-origin http://s.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8475	68 KB 25 KB	674ms 648ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash 485a0d928074034ee62535da57b6602b7d69bd0e06919f15bb88c7674624169a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://s.yam.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 14 Sep 2021 20:10:27 GMT server cafe content-length 25994 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 14-Sep-2021 20:25:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 14 Sep 2021 20:10:27 GMT cache-control private
GET H/1.1	204 No Content	gen_204 pagead2.googlesyndication.com/pagead/	0 459 B	29ms 29ms	Image image/gif	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fs.yam.com%2F&tn=DIV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol HTTP/1.1 Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Sep 2021 20:10:27 GMT X-Content-Type-Options nosniff Server cafe Timing-Allow-Origin * P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, must-revalidate Cross-Origin-Resource-Policy cross-origin Content-Type image/gif Content-Length 0 X-XSS-Protection 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EB89	150 KB 40 KB	564ms 543ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&lmt=1631650227&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fs.yam.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631650226932&bpp=1&bdt=949&idt=136&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=139 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash 91d8dec870862e9c2372ea8699af0dc595ce349224105b86b196f92603819079 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&lmt=1631650227&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fs.yam.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631650226932&bpp=1&bdt=949&idt=136&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=139 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://s.yam.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 14 Sep 2021 20:10:27 GMT server cafe content-length 41025 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 14-Sep-2021 20:25:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 14 Sep 2021 20:10:27 GMT cache-control private
GET H2	200	ga-audiences www.google.com/ads/	42 B 522 B	81ms 31ms	Image image/gif	142.250.187.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16227618-1&cid=1602004334.1631650227&jid=1867045584&_u=IEBAAEAAAAAAAC~&z=805261601 Requested by Host: s.yam.com URL: http://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.187.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s33-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 84C7	42 B 63 B	37ms 36ms	Image image/gif	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1-Mmxre1ng4E82USNR1-oklTbs7BzwJ_-ZgPFEnnig_YbBGpeMXpKou-NvUnUComp6pEV4fL24zd2vUj9x0mRIbcbOHw7wk1EucuLo1ReJuXoqNw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 84C7	8 KB 4 KB	46ms 19ms	Script text/javascript	142.250.179.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.179.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s31-in-f2.1e100.net Software sffe / Resource Hash 6f99c92c022128ac0a66fa125b4fb27c1cbafa094ed31e4e4bcfe1b6b360c14c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 19:21:32 GMT content-encoding gzip x-content-type-options nosniff age 2935 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3982 x-xss-protection 0 last-modified Tue, 14 Sep 2021 14:06:40 GMT server sffe vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-dcm-tag" expires Tue, 14 Sep 2021 20:21:32 GMT
GET H2	200	skeleton.js Show response pixel.adsafeprotected.com/rjss/st/812943/56863858/ Frame 84C7	46 KB 13 KB	130ms 60ms	Script application/javascript	34.249.30.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/rjss/st/812943/56863858/skeleton.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-30-33.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 2c716e3ca47032020e0a31ddf79938156a5336d0e70c83894e2779ab12c8b199 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT content-encoding gzip x-server-name app10.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 84C7	2 KB 1 KB	71ms 20ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:09:21 GMT content-encoding gzip x-content-type-options nosniff age 66 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:09:21 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 84C7	14 KB 7 KB	70ms 19ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:09:41 GMT content-encoding gzip x-content-type-options nosniff age 46 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6211 x-xss-protection 0 server cafe etag 18326705275735229343 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:09:41 GMT
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame 84C7	0 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A93F	624 B 300 B	35ms 35ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExC1qSEY7vL7swEwAQ&v=APEucNWK69eizMjFHKj8zeGygp5baDLhXugiF6IdvwKrIo2uzxRaUga8dstovh9BKAjqca1DTYT0k24vb3aR2nBmzKu6Jc-7NQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CJ3FExC1qSEY7vL7swEwAQ&v=APEucNWK69eizMjFHKj8zeGygp5baDLhXugiF6IdvwKrIo2uzxRaUga8dstovh9BKAjqca1DTYT0k24vb3aR2nBmzKu6Jc-7NQ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 accept-encoding gzip, deflate, br cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 14 Sep 2021 20:10:27 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlTpjJHnodsQqL4XKD656eNEdDphjwEHfubAxH4fzXkuwO4nWarxBT9YpjF; expires=Thu, 14-Sep-2023 20:10:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 14 Sep 2021 20:10:27 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 84C7	24 KB 12 KB	65ms 64ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcLplJ2S0KmtDhp2JfH8g2Px_cU4mUO6Yc1PMTQPrUAkZM31QfgIN-dn5DcByEOJ5JFGptGRnJAsic1rX1ZB84hyeXVDhU6SOZQMQdRiWVV4uHfYENFsBqFZfREuDqYvF73T2-A7wD2o0f4E4h5Uv1HrZWjw&cry=1&dbm_d=AKAmf-CO8JiyFbwH4gaKxu-Kg1AC1oMk1U8u0N8m4XS7WcBURV7IxUP0q6t2m3gNTWXJm3vJVAIKSWXzCaF7_kG4bvnuI3sYtYPjaxBNyPVvPkUss8DnVZs5A3-cu9cwUrm2P72B3zKWC1GEqj59dm8q5nuAEKElzEbIeTrDwqjfOyzQk0E_9uLgzpBJC1DgFryejHPBBdUoa6i1oOrnzsapK9mgqQThlVVFUsYztLAZXYOqiHazrYbg0Krs8Y8svPXEm0VNzj1x_i48CTJANu8SA3sUh_v-Y9kWsn5qU-lOun-fCp739i1Rye7ycuRCBPRz17e06m1nHlRU9EVtp4sckmWKfEP9E72q8W-IPem3Ln4DfckAlU4l8HiP2Z98tGAHLpn07RLIVGxFnhPjJmQR2Bwr3T8vsx-7Er7buyWoD0wu9mhyjB4Q7XNcP0N43nC8FLkxF8miNeqz5G0NQp4z8eFn2xJ3QnnSWb6nZVfBmfGJvrXB_75H1Em1EkB0bUaEHd3_SeFT2O__bXHbMyWMUikG2h1MqjACbMFMEsVrvCgaDZ7sMi4stvfm6BsQzdPEBWle85nnJOpIz-vcSLYwEQW9lz7YBSbkpqW9dzS_MZOOf16AUeK0V76OA-irQ4EsI0EKJuWlr5N4KkeudFt2Ehizc9-oLLil53hkDPDkdlxzEUhLiwgbob9ghhOwGjIAyeBIqYymqsuDUIqxtRchv0hXSBOCGSo6Ew0BmlzZiNeRULE6ynPS865huh8Mf1kyIrdmt4CPUf6q85K8_xSTJvuzTNm7W9hpXNCjYQadTyBUPum8OOJnLUpBq8DIpbKbePhP6roGF26U_QDO4RZhrJWNNFqm2gSDilxq9qiYNuTZY5QDDa4V_aUEi7FJTgfIAffqH1kTYK1fFodtQ492F9TIVXQxIFSyhtF3Vql-Gi52ZBWEqT29vAijo7-8Eqcy26KKuhlq16O31IhuaEgFICJUY_rmwMS3a0bP1dchKK6P-7NoYLXHtgkSujSuXhypQxWKs4Z4pSbJAdbrNo0wACPDqqIAt37nE58oDxUqcYfRFVHrT_2ULtj7txFs9AYsrlE51MllwmWopfIsoEudOeNomZudENv9ln8-i_DO2CSsyojiDxko-lopzF6lYi3160wR56goqD5_B4bzEwZrO7U-Sx-R0QZmgS87-yQxlXdHPXRVZSjJIbwyJFpmVDrySlf8z4YUwk_u0CS-wkqNoA7L_-4Pbw5ri53-aMw8UMT7UCW2MoEAvFerGlgOJ_J1yq1V5mbPuntt5EByVLQOwiseJWNjK6u5VSdo6M_n6orPn6sKjTDFn75uCIsUX-DkR8GMT3kCA70nTCrNK-Zvc3Is4nJIa2hmRGcraHQDTYu_4_uC1vaNmZeRT25ZZnEqBvZpigwus1dVafy-BIz9p6On_mKAvBnQCmn0G_1LabfzJB5WZujLJQ5kar6ODHpVwOZwfZsIAFFYWaFjrA3FGdKw4Kzj5sh5ZuO6AH3EYmwSomCsM2GaBNmTO9fC6FpgMVVlOAC_bKiEqywc2oVMA1gwCFDjfZZr60EaU9ZO_0WkNsi6cM8Et0sfXqpUt80mDXszJHo6nkG_hlSumJKWlkMJ8_GmLegIIY8DMqKAfisCOYlqqEpjY91ELUnWdtBBzuTIsJpAdj68_TjM21X4dLKUmHx4ZZeJxiUGLvu8WcSKIKy6-vfmrmbcrzZdedNuh5dow6ID7GI0aoq_qg-xErKIlcuPW3alhjG3rA-bwH7LRCPeHWq3C51g8s9jREhQstpnnUOuMzDxD0wk7iqVXRZ6lkB0OUqNoOAlNWZVeX2JL7ufoAWraSVi_A7JWJd5r9vLI_u_LVPmPih7Zpumfgli9jD_wyzVcz3CAd_Hpcla6V_fDJ10Cx8PXxchOQ3t7WAOp1OFn8fmP6hr7heDYRuAEQCi2i4OwAtC8p_Zec1r7POLeauYPmJtzpFzsDw6RooiRsivH6RCUZpfYfzO8Ah9Z-St8rhKH_K6NAGz6k84MvGxCmiooJ3-VSjYtv_SNI7_Hnkk5sjjZf-sSP1ZV2CMHQIYotCMqLLtNMBB7F8U-ea4aiqku3a8zUdJQmmL9Z3S-fwi0cbsdpje4lLUYJ5BycspQxqkO-XtR-gZ2bHGYAbGgy6b03tf0viZdspNxwawv_D8HV81WxY-mCOVXIXIbyVjuAaonsKdWZpW87YfMmzt0BAvBI089gaYl-BkELSEUUPXVKsFqqOwHB4m_RxmIbbIeHM3gk_Jhgq4OjYQ1Tiyg0TliqieIos2mpOjUdZ_gkXACM45dAes-6rX7fMY6XiZPJ_fsKuWgL6TR7taVLYKFEZoW9m3aolz-X_WMSZ7NuUVuaIinxoHIjh6UkcQ56edN4sdSlo27T1U-Jo9Wn0gZNcnAOgPpEC-RYgty-CMqjsWz70BwGXjtefYEzzPC2JCdEB7c_12Uab9Kyu0Dof6A6k8CzkTfPG0rrf7FrrCd0vFMlFo9ZEF98rKTR9p1B74clzULI_HOoUqSCZFo2Pbsjjj6wtiQHT5sAIjkST6BiSm51sPdJEv-RdLldnCAJeFcPUorgRrhkDTFRbgwwBcVfW-1dcdGKSsK5LhBSi1b6fwanLJr64uhGQRcJ_F-ZW-vIOFQDgqHhsywmSyuCf_0aQfNo4WdMTLiTzuE8QRbZ7A7u48Lj01_pdpzvOgIqgU21V9nmsGKuvSn-WrRXBG_-S1mym0Ibu2SvlTyrTrpxuqW36S1prB081imZChDutTjRYsW9AO9YpHzMzNXKGjHZ2RXyug5t-Tu5FdN-yjc3sJoVM7IUwAVSR2nLbyMPfxvkjYGptJaQTha2Rsxeaz_gfX6jzg6aXP9G-366LjrNRlpOzm8t-biczNg3Yri60ARQ&cid=CAASBORo8UA&rfl=1%2Chttp%253A%252F%252Fs.yam.com%252F%240 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash 2fcb95f75bff4332eb034a4af58ee7d38fe5d293b05cdf58e47e4509cd33e308 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12763 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A93F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15	43 B 315 B	140ms 122ms	Image image/gif	23.0.33.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExC1qSEY7vL7swEwAQ&v=APEucNWK69eizMjFHKj8zeGygp5baDLhXugiF6IdvwKrIo2uzxRaUga8dstovh9BKAjqca1DTYT0k24vb3aR2nBmzKu6Jc-7NQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-0-33-234.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Sep 2021 20:10:27 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Tue, 14 Sep 2021 20:10:27 GMT Redirect headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 288 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A93F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUEBs4YokIqSz6E7PuP9CwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15	43 B 315 B	36ms 36ms	Image image/gif	23.0.33.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExC1qSEY7vL7swEwAQ&v=APEucNWK69eizMjFHKj8zeGygp5baDLhXugiF6IdvwKrIo2uzxRaUga8dstovh9BKAjqca1DTYT0k24vb3aR2nBmzKu6Jc-7NQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-0-33-234.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Sep 2021 20:10:27 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Tue, 14 Sep 2021 20:10:27 GMT Redirect headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 288 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame A93F	170 B 523 B	77ms 27ms	Image image/png	172.217.169.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExC1qSEY7vL7swEwAQ&v=APEucNWK69eizMjFHKj8zeGygp5baDLhXugiF6IdvwKrIo2uzxRaUga8dstovh9BKAjqca1DTYT0k24vb3aR2nBmzKu6Jc-7NQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.169.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s09-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A93F Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzc5MjQyMjk5NDM3MTk2Ng%3D%3D	170 B 188 B	55ms 29ms	Image image/png	172.217.169.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzc5MjQyMjk5NDM3MTk2Ng%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ3FExC1qSEY7vL7swEwAQ&v=APEucNWK69eizMjFHKj8zeGygp5baDLhXugiF6IdvwKrIo2uzxRaUga8dstovh9BKAjqca1DTYT0k24vb3aR2nBmzKu6Jc-7NQ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.169.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s09-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 14 Sep 2021 20:10:27 GMT X-Proxy-Origin 216.131.114.216; 216.131.114.216; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid c2426cf7-6499-46a9-944a-995bf00bad93 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzc5MjQyMjk5NDM3MTk2Ng%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame 84C7	23 KB 9 KB	30ms 29ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcLplJ2S0KmtDhp2JfH8g2Px_cU4mUO6Yc1PMTQPrUAkZM31QfgIN-dn5DcByEOJ5JFGptGRnJAsic1rX1ZB84hyeXVDhU6SOZQMQdRiWVV4uHfYENFsBqFZfREuDqYvF73T2-A7wD2o0f4E4h5Uv1HrZWjw&cry=1&dbm_d=AKAmf-CO8JiyFbwH4gaKxu-Kg1AC1oMk1U8u0N8m4XS7WcBURV7IxUP0q6t2m3gNTWXJm3vJVAIKSWXzCaF7_kG4bvnuI3sYtYPjaxBNyPVvPkUss8DnVZs5A3-cu9cwUrm2P72B3zKWC1GEqj59dm8q5nuAEKElzEbIeTrDwqjfOyzQk0E_9uLgzpBJC1DgFryejHPBBdUoa6i1oOrnzsapK9mgqQThlVVFUsYztLAZXYOqiHazrYbg0Krs8Y8svPXEm0VNzj1x_i48CTJANu8SA3sUh_v-Y9kWsn5qU-lOun-fCp739i1Rye7ycuRCBPRz17e06m1nHlRU9EVtp4sckmWKfEP9E72q8W-IPem3Ln4DfckAlU4l8HiP2Z98tGAHLpn07RLIVGxFnhPjJmQR2Bwr3T8vsx-7Er7buyWoD0wu9mhyjB4Q7XNcP0N43nC8FLkxF8miNeqz5G0NQp4z8eFn2xJ3QnnSWb6nZVfBmfGJvrXB_75H1Em1EkB0bUaEHd3_SeFT2O__bXHbMyWMUikG2h1MqjACbMFMEsVrvCgaDZ7sMi4stvfm6BsQzdPEBWle85nnJOpIz-vcSLYwEQW9lz7YBSbkpqW9dzS_MZOOf16AUeK0V76OA-irQ4EsI0EKJuWlr5N4KkeudFt2Ehizc9-oLLil53hkDPDkdlxzEUhLiwgbob9ghhOwGjIAyeBIqYymqsuDUIqxtRchv0hXSBOCGSo6Ew0BmlzZiNeRULE6ynPS865huh8Mf1kyIrdmt4CPUf6q85K8_xSTJvuzTNm7W9hpXNCjYQadTyBUPum8OOJnLUpBq8DIpbKbePhP6roGF26U_QDO4RZhrJWNNFqm2gSDilxq9qiYNuTZY5QDDa4V_aUEi7FJTgfIAffqH1kTYK1fFodtQ492F9TIVXQxIFSyhtF3Vql-Gi52ZBWEqT29vAijo7-8Eqcy26KKuhlq16O31IhuaEgFICJUY_rmwMS3a0bP1dchKK6P-7NoYLXHtgkSujSuXhypQxWKs4Z4pSbJAdbrNo0wACPDqqIAt37nE58oDxUqcYfRFVHrT_2ULtj7txFs9AYsrlE51MllwmWopfIsoEudOeNomZudENv9ln8-i_DO2CSsyojiDxko-lopzF6lYi3160wR56goqD5_B4bzEwZrO7U-Sx-R0QZmgS87-yQxlXdHPXRVZSjJIbwyJFpmVDrySlf8z4YUwk_u0CS-wkqNoA7L_-4Pbw5ri53-aMw8UMT7UCW2MoEAvFerGlgOJ_J1yq1V5mbPuntt5EByVLQOwiseJWNjK6u5VSdo6M_n6orPn6sKjTDFn75uCIsUX-DkR8GMT3kCA70nTCrNK-Zvc3Is4nJIa2hmRGcraHQDTYu_4_uC1vaNmZeRT25ZZnEqBvZpigwus1dVafy-BIz9p6On_mKAvBnQCmn0G_1LabfzJB5WZujLJQ5kar6ODHpVwOZwfZsIAFFYWaFjrA3FGdKw4Kzj5sh5ZuO6AH3EYmwSomCsM2GaBNmTO9fC6FpgMVVlOAC_bKiEqywc2oVMA1gwCFDjfZZr60EaU9ZO_0WkNsi6cM8Et0sfXqpUt80mDXszJHo6nkG_hlSumJKWlkMJ8_GmLegIIY8DMqKAfisCOYlqqEpjY91ELUnWdtBBzuTIsJpAdj68_TjM21X4dLKUmHx4ZZeJxiUGLvu8WcSKIKy6-vfmrmbcrzZdedNuh5dow6ID7GI0aoq_qg-xErKIlcuPW3alhjG3rA-bwH7LRCPeHWq3C51g8s9jREhQstpnnUOuMzDxD0wk7iqVXRZ6lkB0OUqNoOAlNWZVeX2JL7ufoAWraSVi_A7JWJd5r9vLI_u_LVPmPih7Zpumfgli9jD_wyzVcz3CAd_Hpcla6V_fDJ10Cx8PXxchOQ3t7WAOp1OFn8fmP6hr7heDYRuAEQCi2i4OwAtC8p_Zec1r7POLeauYPmJtzpFzsDw6RooiRsivH6RCUZpfYfzO8Ah9Z-St8rhKH_K6NAGz6k84MvGxCmiooJ3-VSjYtv_SNI7_Hnkk5sjjZf-sSP1ZV2CMHQIYotCMqLLtNMBB7F8U-ea4aiqku3a8zUdJQmmL9Z3S-fwi0cbsdpje4lLUYJ5BycspQxqkO-XtR-gZ2bHGYAbGgy6b03tf0viZdspNxwawv_D8HV81WxY-mCOVXIXIbyVjuAaonsKdWZpW87YfMmzt0BAvBI089gaYl-BkELSEUUPXVKsFqqOwHB4m_RxmIbbIeHM3gk_Jhgq4OjYQ1Tiyg0TliqieIos2mpOjUdZ_gkXACM45dAes-6rX7fMY6XiZPJ_fsKuWgL6TR7taVLYKFEZoW9m3aolz-X_WMSZ7NuUVuaIinxoHIjh6UkcQ56edN4sdSlo27T1U-Jo9Wn0gZNcnAOgPpEC-RYgty-CMqjsWz70BwGXjtefYEzzPC2JCdEB7c_12Uab9Kyu0Dof6A6k8CzkTfPG0rrf7FrrCd0vFMlFo9ZEF98rKTR9p1B74clzULI_HOoUqSCZFo2Pbsjjj6wtiQHT5sAIjkST6BiSm51sPdJEv-RdLldnCAJeFcPUorgRrhkDTFRbgwwBcVfW-1dcdGKSsK5LhBSi1b6fwanLJr64uhGQRcJ_F-ZW-vIOFQDgqHhsywmSyuCf_0aQfNo4WdMTLiTzuE8QRbZ7A7u48Lj01_pdpzvOgIqgU21V9nmsGKuvSn-WrRXBG_-S1mym0Ibu2SvlTyrTrpxuqW36S1prB081imZChDutTjRYsW9AO9YpHzMzNXKGjHZ2RXyug5t-Tu5FdN-yjc3sJoVM7IUwAVSR2nLbyMPfxvkjYGptJaQTha2Rsxeaz_gfX6jzg6aXP9G-366LjrNRlpOzm8t-biczNg3Yri60ARQ&cid=CAASBORo8UA&rfl=1%2Chttp%253A%252F%252Fs.yam.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash f19df5f3569b83172adf37e884e0e4add74a23c3e057cf60336a1fddcb87ab79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:06 GMT content-encoding gzip x-content-type-options nosniff age 21 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9258 x-xss-protection 0 server cafe etag 9058358164849487988 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:10:06 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 84C7	41 KB 15 KB	65ms 29ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcLplJ2S0KmtDhp2JfH8g2Px_cU4mUO6Yc1PMTQPrUAkZM31QfgIN-dn5DcByEOJ5JFGptGRnJAsic1rX1ZB84hyeXVDhU6SOZQMQdRiWVV4uHfYENFsBqFZfREuDqYvF73T2-A7wD2o0f4E4h5Uv1HrZWjw&cry=1&dbm_d=AKAmf-CO8JiyFbwH4gaKxu-Kg1AC1oMk1U8u0N8m4XS7WcBURV7IxUP0q6t2m3gNTWXJm3vJVAIKSWXzCaF7_kG4bvnuI3sYtYPjaxBNyPVvPkUss8DnVZs5A3-cu9cwUrm2P72B3zKWC1GEqj59dm8q5nuAEKElzEbIeTrDwqjfOyzQk0E_9uLgzpBJC1DgFryejHPBBdUoa6i1oOrnzsapK9mgqQThlVVFUsYztLAZXYOqiHazrYbg0Krs8Y8svPXEm0VNzj1x_i48CTJANu8SA3sUh_v-Y9kWsn5qU-lOun-fCp739i1Rye7ycuRCBPRz17e06m1nHlRU9EVtp4sckmWKfEP9E72q8W-IPem3Ln4DfckAlU4l8HiP2Z98tGAHLpn07RLIVGxFnhPjJmQR2Bwr3T8vsx-7Er7buyWoD0wu9mhyjB4Q7XNcP0N43nC8FLkxF8miNeqz5G0NQp4z8eFn2xJ3QnnSWb6nZVfBmfGJvrXB_75H1Em1EkB0bUaEHd3_SeFT2O__bXHbMyWMUikG2h1MqjACbMFMEsVrvCgaDZ7sMi4stvfm6BsQzdPEBWle85nnJOpIz-vcSLYwEQW9lz7YBSbkpqW9dzS_MZOOf16AUeK0V76OA-irQ4EsI0EKJuWlr5N4KkeudFt2Ehizc9-oLLil53hkDPDkdlxzEUhLiwgbob9ghhOwGjIAyeBIqYymqsuDUIqxtRchv0hXSBOCGSo6Ew0BmlzZiNeRULE6ynPS865huh8Mf1kyIrdmt4CPUf6q85K8_xSTJvuzTNm7W9hpXNCjYQadTyBUPum8OOJnLUpBq8DIpbKbePhP6roGF26U_QDO4RZhrJWNNFqm2gSDilxq9qiYNuTZY5QDDa4V_aUEi7FJTgfIAffqH1kTYK1fFodtQ492F9TIVXQxIFSyhtF3Vql-Gi52ZBWEqT29vAijo7-8Eqcy26KKuhlq16O31IhuaEgFICJUY_rmwMS3a0bP1dchKK6P-7NoYLXHtgkSujSuXhypQxWKs4Z4pSbJAdbrNo0wACPDqqIAt37nE58oDxUqcYfRFVHrT_2ULtj7txFs9AYsrlE51MllwmWopfIsoEudOeNomZudENv9ln8-i_DO2CSsyojiDxko-lopzF6lYi3160wR56goqD5_B4bzEwZrO7U-Sx-R0QZmgS87-yQxlXdHPXRVZSjJIbwyJFpmVDrySlf8z4YUwk_u0CS-wkqNoA7L_-4Pbw5ri53-aMw8UMT7UCW2MoEAvFerGlgOJ_J1yq1V5mbPuntt5EByVLQOwiseJWNjK6u5VSdo6M_n6orPn6sKjTDFn75uCIsUX-DkR8GMT3kCA70nTCrNK-Zvc3Is4nJIa2hmRGcraHQDTYu_4_uC1vaNmZeRT25ZZnEqBvZpigwus1dVafy-BIz9p6On_mKAvBnQCmn0G_1LabfzJB5WZujLJQ5kar6ODHpVwOZwfZsIAFFYWaFjrA3FGdKw4Kzj5sh5ZuO6AH3EYmwSomCsM2GaBNmTO9fC6FpgMVVlOAC_bKiEqywc2oVMA1gwCFDjfZZr60EaU9ZO_0WkNsi6cM8Et0sfXqpUt80mDXszJHo6nkG_hlSumJKWlkMJ8_GmLegIIY8DMqKAfisCOYlqqEpjY91ELUnWdtBBzuTIsJpAdj68_TjM21X4dLKUmHx4ZZeJxiUGLvu8WcSKIKy6-vfmrmbcrzZdedNuh5dow6ID7GI0aoq_qg-xErKIlcuPW3alhjG3rA-bwH7LRCPeHWq3C51g8s9jREhQstpnnUOuMzDxD0wk7iqVXRZ6lkB0OUqNoOAlNWZVeX2JL7ufoAWraSVi_A7JWJd5r9vLI_u_LVPmPih7Zpumfgli9jD_wyzVcz3CAd_Hpcla6V_fDJ10Cx8PXxchOQ3t7WAOp1OFn8fmP6hr7heDYRuAEQCi2i4OwAtC8p_Zec1r7POLeauYPmJtzpFzsDw6RooiRsivH6RCUZpfYfzO8Ah9Z-St8rhKH_K6NAGz6k84MvGxCmiooJ3-VSjYtv_SNI7_Hnkk5sjjZf-sSP1ZV2CMHQIYotCMqLLtNMBB7F8U-ea4aiqku3a8zUdJQmmL9Z3S-fwi0cbsdpje4lLUYJ5BycspQxqkO-XtR-gZ2bHGYAbGgy6b03tf0viZdspNxwawv_D8HV81WxY-mCOVXIXIbyVjuAaonsKdWZpW87YfMmzt0BAvBI089gaYl-BkELSEUUPXVKsFqqOwHB4m_RxmIbbIeHM3gk_Jhgq4OjYQ1Tiyg0TliqieIos2mpOjUdZ_gkXACM45dAes-6rX7fMY6XiZPJ_fsKuWgL6TR7taVLYKFEZoW9m3aolz-X_WMSZ7NuUVuaIinxoHIjh6UkcQ56edN4sdSlo27T1U-Jo9Wn0gZNcnAOgPpEC-RYgty-CMqjsWz70BwGXjtefYEzzPC2JCdEB7c_12Uab9Kyu0Dof6A6k8CzkTfPG0rrf7FrrCd0vFMlFo9ZEF98rKTR9p1B74clzULI_HOoUqSCZFo2Pbsjjj6wtiQHT5sAIjkST6BiSm51sPdJEv-RdLldnCAJeFcPUorgRrhkDTFRbgwwBcVfW-1dcdGKSsK5LhBSi1b6fwanLJr64uhGQRcJ_F-ZW-vIOFQDgqHhsywmSyuCf_0aQfNo4WdMTLiTzuE8QRbZ7A7u48Lj01_pdpzvOgIqgU21V9nmsGKuvSn-WrRXBG_-S1mym0Ibu2SvlTyrTrpxuqW36S1prB081imZChDutTjRYsW9AO9YpHzMzNXKGjHZ2RXyug5t-Tu5FdN-yjc3sJoVM7IUwAVSR2nLbyMPfxvkjYGptJaQTha2Rsxeaz_gfX6jzg6aXP9G-366LjrNRlpOzm8t-biczNg3Yri60ARQ&cid=CAASBORo8UA&rfl=1%2Chttp%253A%252F%252Fs.yam.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 09 Sep 2021 21:29:49 GMT content-encoding gzip x-content-type-options nosniff age 427238 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 09 Sep 2022 21:29:49 GMT
GET H3	200	reactive_library_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/	145 KB 52 KB	63ms 62ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/reactive_library_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash 23a74cf1be0759a2eea9eb4b0a0b70e94995dcea9c7c429948d5539c70e3c704 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:27 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53094 x-xss-protection 0 server cafe etag 3656534579748748124 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 20:10:27 GMT
GET H3	200	impl_v79.js Show response www.googletagservices.com/dcm/ Frame 84C7	37 KB 16 KB	19ms 19ms	Script text/javascript	142.250.179.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v79.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.179.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s31-in-f2.1e100.net Software sffe / Resource Hash 44abe3410418a547f3412ba93a94ffdfd1dbadf9c785418af8ef15d7877fa2c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 13 Sep 2021 19:31:04 GMT content-encoding gzip x-content-type-options nosniff age 88763 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15928 x-xss-protection 0 last-modified Mon, 13 Sep 2021 19:19:29 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 13 Sep 2022 19:31:04 GMT
GET H2	200	B26402867.313133072;dc_ver=79.228;dc_rxp=1;sz=300x250;u_sd=1;dc_adk=356101039;ord=8s2mpt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoIr7swFBYcTQB4uHwuIP166XQMr04ZZ... Show response ad.doubleclick.net/ddm/adj/N5631.270598.5432124578521/ Frame 84C7	40 KB 21 KB	102ms 52ms	Script text/javascript	172.217.169.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N5631.270598.5432124578521/B26402867.313133072;dc_ver=79.228;dc_rxp=1;sz=300x250;u_sd=1;dc_adk=356101039;ord=8s2mpt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoIr7swFBYcTQB4uHwuIP166XQMr04ZZlzaKXy6UO8C4QASDM3YchYMkGyAEJqAMBqgS-AU_Qxx8Otu3wm78-jtRPiXq4Zb9La8YNYuqi7_PmYz-rfehiJzVlixknQBwoNGbAz01Q3twqIkG7nqADanQ6jcoAV7wlaufctLSynIpm96-kBSUfXIJLY_oxwy_5qOQ7S70lRT-IvLWVF_kSD8O0IaiD1fT0KNIMdyzeuah0XFBDvKqC_LImyKXU-fKWwyEgp35oBNSAkbW21I6EA060uTw44oTF1tV2F1aehX58wdn6VVetTPeYTipUiit66-bABKXFqtXXA-AEA5AGAaAGTYAHhIuFOKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAZgLAcgLAYAMAbATtsLFDMgTlteb3gPQEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORo8UA%26sig%3DAOD64_1uqlkh_SujzTBmg8bwqI4aZeRFjg%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-AkYs5yX4RmVCQ-_lp3vqWhaecUKdiXWvi3sXuYsmSH21SPFs0nsiFH8NNSUbqnsv_iQ-ssT5FOYEcZ3LlYqv8Y28682lNzGALRKFHQ9Y4UscgZGTntlFrVKFT_CAFnzwYeInuT6u4D0idI8rZr6w4io8es8Q%26cry%3D1%26dbm_d%3DAKAmf-CzdsMVVAmbVPPJivoH3H0e_WU6cYztJFlM0aYa8dvZk11kdEazF8azvMLHRcZ23J-7a2O_iBMO5cDvG9qKXBNw7jInSXbXMLJW4v5h6s7a1dObNVReqQasWhI16AujKuogCzw2YhI3WQHRWRxjxolnZcIFKacVyWcDlhcT9oFxkiZNJ9SBNr7lhR4lzw5iaatr18r_xLGouh3Aa5x2f-h1kc8-cgw-A1KuvfgpvpDyBIOQ8-FJT9YjwQX0-QhmRBaVgfzgzHZrwCyYry4m8za1eLI4gzVbiIjzFCg_eQlOQNBq9-chf1n2NKr9pdHnJBnechIsOmYvEWIWHqd4Vwqv5JTjRTaOqZTO74xp1F-fIGAq6ByEE68csfZOSk55EKZVuFynZ1tdfcac3GR4qYObKmaXHNgB-cHt67g0ukv-CErepQcU0Suae2DI3lpe9z6wobNF%26adurl%3D;dc_rfl=1,http%3A%2F%2Fs.yam.com%2F$0;xdt=1;crlt=_se*(.uJG8;osda=2;sttr=31;prcl=s Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/impl_v79.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.169.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s08-in-f6.1e100.net Software cafe / Resource Hash 7256c430eceac0dd84e21cc88c794034d092ff823d73ad917ff7f65477c61598 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:27 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20875 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 6860	22 KB 8 KB	29ms 29ms	Document text/html	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Thu, 09 Sep 2021 21:29:50 GMT expires Fri, 09 Sep 2022 21:29:50 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 427237 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	74ms 33ms	Script application/javascript	142.250.187.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=s.yam.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.187.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s33-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Tue, 14 Sep 2021 20:10:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/ Frame D815	10 KB 5 KB	26ms 26ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://s.yam.com/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUnSmEwbu97sSqLLEEn1DVmBcXru_UjLQD1o8PzzOJeLBAEWmOfq_f8coPATUlk; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://s.yam.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 14 Sep 2021 18:18:54 GMT expires Tue, 28 Sep 2021 18:18:54 GMT content-type text/html; charset=UTF-8 etag 13836150016441684253 x-content-type-options nosniff content-encoding gzip server cafe content-length 4591 x-xss-protection 0 age 6693 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	3965644466977487508 tpc.googlesyndication.com/simgad/ Frame 8475	13 KB 13 KB	36ms 36ms	Image image/png	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3965644466977487508?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkwVtbCm0j4EyCwA-E5fLBx3VJ-CA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software sffe / Resource Hash 85633920fe1ac824bdc4a8b33ba4fc1d2af7506faa399f697389f6f2c5e207aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 13 Sep 2021 22:32:29 GMT x-content-type-options nosniff last-modified Tue, 13 Jul 2021 13:01:55 GMT server sffe age 77878 content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12917 x-xss-protection 0 expires Tue, 13 Sep 2022 22:32:29 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 8475	18 KB 7 KB	30ms 30ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:05:15 GMT content-encoding gzip x-content-type-options nosniff age 312 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7612 x-xss-protection 0 server cafe etag 7316329070599479730 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:05:15 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 8475	2 KB 1 KB	43ms 43ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:09:21 GMT content-encoding gzip x-content-type-options nosniff age 66 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:09:21 GMT
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame 8475	0 0
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 8475	14 KB 6 KB	32ms 31ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:09:41 GMT content-encoding gzip x-content-type-options nosniff age 46 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6211 x-xss-protection 0 server cafe etag 18326705275735229343 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:09:41 GMT
GET H3	200	one_click_handler_one_afma_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 8475	26 KB 11 KB	44ms 44ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/one_click_handler_one_afma_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 68c0963132a718fb55a75766463363f92c5e418d2352ca29752150df50708a29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 13:57:08 GMT content-encoding gzip x-content-type-options nosniff age 22399 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10868 x-xss-protection 0 server cafe etag 12321585598139428879 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 13:57:08 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 8475	0 0	43ms 43ms	Fetch text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C-_7GswFBYcSOCJet3wOL4KPQC-eDs5Nlhs6ssqQO2dkeEAEgzN2HIWDJBqAB-PbS6QLIAQKpApsd08Zk1bM-qAMByAPJBKoErAFP0AUBURCYIQU1YqOaFLwF-DtXvAAt2ZJ-paQBRA09RvmbuOM19FtF7xYtKlfjYxs5iT28GIbekhR_IenrnbRW5IHWGmV_Q1buC-ZvXzlemZ-6OFb5P_zQ77FOroNvgKOyINRjnXBJZ5QhSXbiv1loBR6wRDdXMHUjFh9iCY2_3rR7ewry2QTG1nhe9Eef3YAB679gZZwM72mOW0IfH5CLoUhvFF5BFeN_kDKmwASr1aSU0wOSBQQIBBgBkgUECAUYBKAGAoAH8IitlgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEKu1D9IIBwiAYRABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjY3NTAzNzI5Njg1Mzk2OBgA&sigh=aDYa6aiu5uk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 14 Sep 2021 20:10:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response pagead2.googlesyndication.com/bg/ Frame 6860	35 KB 13 KB	26ms 26ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software sffe / Resource Hash eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 19:41:58 GMT content-encoding br x-content-type-options nosniff age 1709 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13458 x-xss-protection 0 last-modified Mon, 06 Sep 2021 10:38:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 14 Sep 2022 19:41:58 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame D815	4 KB 1 KB	107ms 37ms	Stylesheet text/css	172.217.169.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.169.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s08-in-f10.1e100.net Software ESF / Resource Hash e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 14 Sep 2021 18:49:25 GMT server ESF date Tue, 14 Sep 2021 20:10:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 14 Sep 2021 20:10:27 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D815	205 B 294 B	70ms 19ms	Image image/png	172.217.169.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.169.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s08-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 11 Sep 2021 11:16:02 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 291265 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 expires Sun, 11 Sep 2022 11:16:02 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D815	604 B 988 B	69ms 19ms	Image image/png	172.217.169.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.169.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s08-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 12 Sep 2021 22:32:41 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 164266 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 expires Mon, 12 Sep 2022 22:32:41 GMT
GET H3	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/ Frame D815	17 KB 8 KB	30ms 30ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 14:19:08 GMT content-encoding gzip x-content-type-options nosniff age 21079 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7656 x-xss-protection 0 server cafe etag 8352096984186353373 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 14:19:08 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2D02	143 B 163 B	27ms 27ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 accept-encoding gzip, deflate, br cookie IDE=AHWqTUnSmEwbu97sSqLLEEn1DVmBcXru_UjLQD1o8PzzOJeLBAEWmOfq_f8coPATUlk; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 14 Sep 2021 19:55:50 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 877 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame 84C7	8 KB 3 KB	28ms 26ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N5631.270598.5432124578521/B26402867.313133072;dc_ver=79.228;dc_rxp=1;sz=300x250;u_sd=1;dc_adk=356101039;ord=8s2mpt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoIr7swFBYcTQB4uHwuIP166XQMr04ZZlzaKXy6UO8C4QASDM3YchYMkGyAEJqAMBqgS-AU_Qxx8Otu3wm78-jtRPiXq4Zb9La8YNYuqi7_PmYz-rfehiJzVlixknQBwoNGbAz01Q3twqIkG7nqADanQ6jcoAV7wlaufctLSynIpm96-kBSUfXIJLY_oxwy_5qOQ7S70lRT-IvLWVF_kSD8O0IaiD1fT0KNIMdyzeuah0XFBDvKqC_LImyKXU-fKWwyEgp35oBNSAkbW21I6EA060uTw44oTF1tV2F1aehX58wdn6VVetTPeYTipUiit66-bABKXFqtXXA-AEA5AGAaAGTYAHhIuFOKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAZgLAcgLAYAMAbATtsLFDMgTlteb3gPQEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORo8UA%26sig%3DAOD64_1uqlkh_SujzTBmg8bwqI4aZeRFjg%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-AkYs5yX4RmVCQ-_lp3vqWhaecUKdiXWvi3sXuYsmSH21SPFs0nsiFH8NNSUbqnsv_iQ-ssT5FOYEcZ3LlYqv8Y28682lNzGALRKFHQ9Y4UscgZGTntlFrVKFT_CAFnzwYeInuT6u4D0idI8rZr6w4io8es8Q%26cry%3D1%26dbm_d%3DAKAmf-CzdsMVVAmbVPPJivoH3H0e_WU6cYztJFlM0aYa8dvZk11kdEazF8azvMLHRcZ23J-7a2O_iBMO5cDvG9qKXBNw7jInSXbXMLJW4v5h6s7a1dObNVReqQasWhI16AujKuogCzw2YhI3WQHRWRxjxolnZcIFKacVyWcDlhcT9oFxkiZNJ9SBNr7lhR4lzw5iaatr18r_xLGouh3Aa5x2f-h1kc8-cgw-A1KuvfgpvpDyBIOQ8-FJT9YjwQX0-QhmRBaVgfzgzHZrwCyYry4m8za1eLI4gzVbiIjzFCg_eQlOQNBq9-chf1n2NKr9pdHnJBnechIsOmYvEWIWHqd4Vwqv5JTjRTaOqZTO74xp1F-fIGAq6ByEE68csfZOSk55EKZVuFynZ1tdfcac3GR4qYObKmaXHNgB-cHt67g0ukv-CErepQcU0Suae2DI3lpe9z6wobNF%26adurl%3D;dc_rfl=1,http%3A%2F%2Fs.yam.com%2F$0;xdt=1;crlt=_se*(.uJG8;osda=2;sttr=31;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:02:35 GMT content-encoding gzip x-content-type-options nosniff age 472 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:02:35 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 84C7	0 545 B	106ms 41ms	Ping image/gif	142.250.187.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssA2HLOAQI0l8q5egVa4-4XbpEQ8Vv73jEgyqCipC5bmYVj4JSUUoYQwIF1oy2Hc-ViAvHri1AbHUN8Htz1W0Ql4BQnlH2Ok9BolS7loXcGPwnuxYwnuCNLMTwaHCrIspwCfxHHuWVST9xARswA19q73gke483CSl_Vhw&sig=Cg0ArKJSzKeNPYwqaqUVEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210909.05381&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N5631.270598.5432124578521/B26402867.313133072;dc_ver=79.228;dc_rxp=1;sz=300x250;u_sd=1;dc_adk=356101039;ord=8s2mpt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoIr7swFBYcTQB4uHwuIP166XQMr04ZZlzaKXy6UO8C4QASDM3YchYMkGyAEJqAMBqgS-AU_Qxx8Otu3wm78-jtRPiXq4Zb9La8YNYuqi7_PmYz-rfehiJzVlixknQBwoNGbAz01Q3twqIkG7nqADanQ6jcoAV7wlaufctLSynIpm96-kBSUfXIJLY_oxwy_5qOQ7S70lRT-IvLWVF_kSD8O0IaiD1fT0KNIMdyzeuah0XFBDvKqC_LImyKXU-fKWwyEgp35oBNSAkbW21I6EA060uTw44oTF1tV2F1aehX58wdn6VVetTPeYTipUiit66-bABKXFqtXXA-AEA5AGAaAGTYAHhIuFOKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAZgLAcgLAYAMAbATtsLFDMgTlteb3gPQEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORo8UA%26sig%3DAOD64_1uqlkh_SujzTBmg8bwqI4aZeRFjg%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-AkYs5yX4RmVCQ-_lp3vqWhaecUKdiXWvi3sXuYsmSH21SPFs0nsiFH8NNSUbqnsv_iQ-ssT5FOYEcZ3LlYqv8Y28682lNzGALRKFHQ9Y4UscgZGTntlFrVKFT_CAFnzwYeInuT6u4D0idI8rZr6w4io8es8Q%26cry%3D1%26dbm_d%3DAKAmf-CzdsMVVAmbVPPJivoH3H0e_WU6cYztJFlM0aYa8dvZk11kdEazF8azvMLHRcZ23J-7a2O_iBMO5cDvG9qKXBNw7jInSXbXMLJW4v5h6s7a1dObNVReqQasWhI16AujKuogCzw2YhI3WQHRWRxjxolnZcIFKacVyWcDlhcT9oFxkiZNJ9SBNr7lhR4lzw5iaatr18r_xLGouh3Aa5x2f-h1kc8-cgw-A1KuvfgpvpDyBIOQ8-FJT9YjwQX0-QhmRBaVgfzgzHZrwCyYry4m8za1eLI4gzVbiIjzFCg_eQlOQNBq9-chf1n2NKr9pdHnJBnechIsOmYvEWIWHqd4Vwqv5JTjRTaOqZTO74xp1F-fIGAq6ByEE68csfZOSk55EKZVuFynZ1tdfcac3GR4qYObKmaXHNgB-cHt67g0ukv-CErepQcU0Suae2DI3lpe9z6wobNF%26adurl%3D;dc_rfl=1,http%3A%2F%2Fs.yam.com%2F$0;xdt=1;crlt=_se*(.uJG8;osda=2;sttr=31;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.187.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s33-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 14 Sep 2021 20:10:27 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	McDEduWorkshops-WJ-300x250-72ppi.png s0.2mdn.net/2146177/ Frame 84C7	15 KB 15 KB	96ms 27ms	Image image/png	142.250.187.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/2146177/McDEduWorkshops-WJ-300x250-72ppi.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.187.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s34-in-f6.1e100.net Software sffe / Resource Hash bd1026a4655b2ec504d2c957b7362923b426a1e94c65a9b01801e37445f11075 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 13:06:40 GMT x-content-type-options nosniff last-modified Tue, 07 Sep 2021 21:25:47 GMT server sffe age 25427 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15114 x-xss-protection 0 expires Wed, 15 Sep 2021 13:06:40 GMT
GET H2	200	main.gr.19.8.243.js Show response static.adsafeprotected.com/ Frame 84C7	187 KB 60 KB	126ms 58ms	Script application/javascript	52.30.90.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.243.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/rjss/st/812943/56863858/skeleton.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.90.83 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-90-83.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 3b2994ec6cd1c326c20a981912b23a05f5b1ddd55f3fccabf419e1ee70ee6a56 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:27 GMT content-encoding gzip last-modified Tue, 07 Sep 2021 21:28:29 GMT server nginx/1.16.1 age 81399 etag W/"f8ec101cfd4f34f35efecdff9eecac24" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame 84C7	0 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame A232	22 KB 8 KB	28ms 28ms	Document text/html	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Thu, 09 Sep 2021 21:29:50 GMT expires Fri, 09 Sep 2022 21:29:50 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 427237 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 84C7	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 11a2ce0079bb9904bf17ae828faea3c0c825eb40c877ae422f7a3d684008e1e0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2D02 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	34ms 33ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226699&bpp=1&bdt=715&idt=364&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4230344363761&frm=20&pv=1&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NiXZBFTerX&p=http%3A//s.yam.com&dtd=367 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si?st=NO_DATA pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUnSmEwbu97sSqLLEEn1DVmBcXru_UjLQD1o8PzzOJeLBAEWmOfq_f8coPATUlk; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 14 Sep 2021 20:10:27 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Tue, 14-Sep-2021 21:10:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 14 Sep 2021 20:10:27 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 14 Sep 2021 20:10:27 GMT server safe content-length 257 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response pagead2.googlesyndication.com/bg/ Frame A232	35 KB 13 KB	26ms 26ms	Script text/javascript	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software sffe / Resource Hash eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 19:41:58 GMT content-encoding br x-content-type-options nosniff age 1709 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13458 x-xss-protection 0 last-modified Mon, 06 Sep 2021 10:38:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 14 Sep 2022 19:41:58 GMT
GET H3	200	css fonts.googleapis.com/ Frame 67FC	3 KB 578 B	52ms 26ms	Stylesheet text/css	172.217.169.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.169.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s08-in-f10.1e100.net Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 14 Sep 2021 18:48:50 GMT server ESF date Tue, 14 Sep 2021 20:10:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 14 Sep 2021 20:10:27 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 67FC	1 KB 857 B	29ms 28ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:02:59 GMT content-encoding gzip x-content-type-options nosniff age 448 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 830 x-xss-protection 0 server cafe etag 3558876194914413708 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:02:59 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 67FC	18 KB 7 KB	29ms 29ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:05:15 GMT content-encoding gzip x-content-type-options nosniff age 312 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7612 x-xss-protection 0 server cafe etag 7316329070599479730 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:05:15 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 67FC	2 KB 1 KB	29ms 29ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:09:21 GMT content-encoding gzip x-content-type-options nosniff age 66 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:09:21 GMT
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame 67FC	0 0
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 67FC	14 KB 6 KB	30ms 29ms	Script text/javascript	216.58.213.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.213.1 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ber01s14-in-f1.1e100.net Software cafe / Resource Hash 127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:09:41 GMT content-encoding gzip x-content-type-options nosniff age 46 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6211 x-xss-protection 0 server cafe etag 18326705275735229343 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 28 Sep 2021 20:09:41 GMT
GET H3	200	8b8c639f95e935c054a6465040a495ee.js Show response www.gstatic.com/mysidia/ Frame 67FC	26 KB 11 KB	43ms 18ms	Script text/javascript	172.217.169.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.169.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr48s08-in-f3.1e100.net Software sffe / Resource Hash 42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 12:57:47 GMT content-encoding gzip x-content-type-options nosniff age 544360 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10883 x-xss-protection 0 last-modified Fri, 03 Sep 2021 02:45:39 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 07 Dec 2021 12:57:47 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 84C7	0 23 B	74ms 41ms	Ping image/gif	142.250.187.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssA2HLOAQI0l8q5egVa4-4XbpEQ8Vv73jEgyqCipC5bmYVj4JSUUoYQwIF1oy2Hc-ViAvHri1AbHUN8Htz1W0Ql4BQnlH2Ok9BolS7loXcGPwnuxYwnuCNLMTwaHCrIspwCfxHHuWVST9xARswA19q73gke483CSl_Vhw&sig=Cg0ArKJSzKeNPYwqaqUVEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&vt=11&dtpt=179&dett=2&cstd=0&cisv=r20210909.05381&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N5631.270598.5432124578521/B26402867.313133072;dc_ver=79.228;dc_rxp=1;sz=300x250;u_sd=1;dc_adk=356101039;ord=8s2mpt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoIr7swFBYcTQB4uHwuIP166XQMr04ZZlzaKXy6UO8C4QASDM3YchYMkGyAEJqAMBqgS-AU_Qxx8Otu3wm78-jtRPiXq4Zb9La8YNYuqi7_PmYz-rfehiJzVlixknQBwoNGbAz01Q3twqIkG7nqADanQ6jcoAV7wlaufctLSynIpm96-kBSUfXIJLY_oxwy_5qOQ7S70lRT-IvLWVF_kSD8O0IaiD1fT0KNIMdyzeuah0XFBDvKqC_LImyKXU-fKWwyEgp35oBNSAkbW21I6EA060uTw44oTF1tV2F1aehX58wdn6VVetTPeYTipUiit66-bABKXFqtXXA-AEA5AGAaAGTYAHhIuFOKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAZgLAcgLAYAMAbATtsLFDMgTlteb3gPQEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORo8UA%26sig%3DAOD64_1uqlkh_SujzTBmg8bwqI4aZeRFjg%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-AkYs5yX4RmVCQ-_lp3vqWhaecUKdiXWvi3sXuYsmSH21SPFs0nsiFH8NNSUbqnsv_iQ-ssT5FOYEcZ3LlYqv8Y28682lNzGALRKFHQ9Y4UscgZGTntlFrVKFT_CAFnzwYeInuT6u4D0idI8rZr6w4io8es8Q%26cry%3D1%26dbm_d%3DAKAmf-CzdsMVVAmbVPPJivoH3H0e_WU6cYztJFlM0aYa8dvZk11kdEazF8azvMLHRcZ23J-7a2O_iBMO5cDvG9qKXBNw7jInSXbXMLJW4v5h6s7a1dObNVReqQasWhI16AujKuogCzw2YhI3WQHRWRxjxolnZcIFKacVyWcDlhcT9oFxkiZNJ9SBNr7lhR4lzw5iaatr18r_xLGouh3Aa5x2f-h1kc8-cgw-A1KuvfgpvpDyBIOQ8-FJT9YjwQX0-QhmRBaVgfzgzHZrwCyYry4m8za1eLI4gzVbiIjzFCg_eQlOQNBq9-chf1n2NKr9pdHnJBnechIsOmYvEWIWHqd4Vwqv5JTjRTaOqZTO74xp1F-fIGAq6ByEE68csfZOSk55EKZVuFynZ1tdfcac3GR4qYObKmaXHNgB-cHt67g0ukv-CErepQcU0Suae2DI3lpe9z6wobNF%26adurl%3D;dc_rfl=1,http%3A%2F%2Fs.yam.com%2F$0;xdt=1;crlt=_se*(.uJG8;osda=2;sttr=31;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.187.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s33-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 14 Sep 2021 20:10:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 134D	143 B 163 B	26ms 26ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 accept-encoding gzip, deflate, br cookie IDE=AHWqTUnSmEwbu97sSqLLEEn1DVmBcXru_UjLQD1o8PzzOJeLBAEWmOfq_f8coPATUlk; test_cookie=CheckForPermission; DSID=NO_DATA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 14 Sep 2021 19:55:50 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 878 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame 84C7 Redirect Chain https://pixel.adsafeprotected.com/rfw/st/812943/56863858/skeleton.js?adsafe_url=http%3A%2F%2Fs.yam.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_... https://static.adsafeprotected.com/skeleton.js	17 B 241 B	35ms 34ms	Script application/javascript	52.30.90.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.90.83 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-90-83.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:28 GMT last-modified Mon, 17 Aug 2020 23:54:35 GMT server nginx/1.16.1 age 15581810 etag "53fab767ecbd3bf07990b10246befbd4" x-cache-status HIT content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 17 Redirect headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-server-name app13.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.5.12.js Show response static.adsafeprotected.com/ Frame 4840	80 KB 21 KB	30ms 30ms	Script application/javascript	52.30.90.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.12.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.90.83 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-90-83.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 14 Sep 2021 20:10:28 GMT content-encoding gzip last-modified Thu, 19 Aug 2021 16:31:24 GMT server nginx/1.16.1 age 1736134 etag W/"9304f57298c3834ff107ea7ccb547996" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	dt dt.adsafeprotected.com/ Frame 84C7	43 B 215 B	290ms 95ms	Image image/gif	34.197.135.169 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=812943&asId=1f14df21-3113-64a2-e28c-544f2d960486&tv=%7Bc:odNi7Y,pingTime:-3,time:253,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:228%7D,%7Bpiv:0,vs:o,r:l,t:253%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:253,n:253,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJ1c4CJ+11%7C12*.812943-56863858%7C121%7C122%7C1231%7C131%7C14%7C15%7C1611,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.197.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-197-135-169.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-server-name dt09.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 84C7	43 B 216 B	285ms 94ms	Image image/gif	34.197.135.169 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=812943&asId=1f14df21-3113-64a2-e28c-544f2d960486&tv=%7Bc:odNi7Z,pingTime:-6,time:254,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:254,n:253,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJ1c4CJ+11%7C12*.812943-56863858%7C121%7C122%7C1231%7C131%7C14%7C15%7C1611,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:s.yam.com&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.197.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-197-135-169.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-server-name dt04.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6860	0 20 B	38ms 38ms	Image image/gif	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW9DLswFBYY32I8qC-wbqu574BQAAAAA4AeAEAg&bg=!ubqluv7NAAYT0U73E9E7ACkAdvg8WgcfOXeHmchDCY-FObfJEzlmwJC7sBz25EgpNcXzsf9s2zR2IwIAAADIUgAAADFoAQcKAN43cHA7044qQGOfTzqDFV3qBBvQj6DpTcpzGq3qJhz1lCTp4qXNVDzaC8HnbC2RlqCdX0baVKJVbRh_TCHuPkzhsOs27ToLBzHebMteUH8r9Qw39h6pZqzGYQ7VF6tdfJF3cqcvRHmaDeOMatvj4_kwyG_5aNmdA58hLLGxw3LfdMlKcPDzXH25oLyg3R1sJsiD_AKiMluW2DQ0v6yD-pQxE47DvIR11lhX8WTztz5N-YFY06IkfV-sIQC_urgDoMlacMfYUNI4Yh61zPnhuwbNrrYZ4j3s-PGgBx0Lq8WZArAZwQ73VX4ijuRXm9Zx8KRa4LUOI7ZhWWbqTaFtrUzbsSkmXQGNBChHC3rEUjLiA_JDmyLDTvNkhM4oidxLmX5_oiH3t1uEPQTMflsAhDNhaUi4RiLO5u6HCKR-JFHtAmnxw2KhFVPgisNlBjeANygNm8hVS_mSd2FXmDWUfGgoFc55pYj-0_8rqopcKSr24LXao7dA8zf1nwhIMvV_X6pNhBg28PgmQBR_hyhIVdeOnSEuktJvhwfKihNiZqVnMja9trs5TBrj4HiigoajHSEucpOX19Ch8B4uMGKpJ_sJs9gHczPvxuum0Fc2ZDxnIwvRCaBrLpqxfveRVm6kBVQ4jYIC9pH0nDfiGe_Y1iB7bqnqDNfYHG8qB08vNagrSIV6RQ97gPe6r570_dCpLXUfHcy6PO6lcC8cijFVlRqilg09CMc3EQ7uzKmLREfZHWnLMnXcPQgnweIIAsiriQi40bzKRxUooL_SoZk_VlVzrQv8ZT3OmF4pYxH9TfoCxpcSZNoqW0_BUZ65CrDdmR-91e_vszQ9P0yPGytsZmrg-dYpY_qEK9HKwT5Cuv54t-I_7wwc1kUH6e4Su9Yx5re3tSJzp0z11LU2NTJ6rGfqxcEG8_OYT22qbksWLJSacWMfNIhop9-MIaUZCm5aSqAUugLej7_CACO3M9tkmiw6_m3KxAww5oAdqZQVLH7jQfFFOaQSY_4m4O-jwhODpOLUCesfHwjXoIHMUW9FZ7NtNZKLrHzNjVEFgMq_OHw1Yz2riiwPbpA6YL08sg7Uo-gGUJRgpXUkT3YqBgzexL3oseuRcKmUvxGb-Zh5wmYcDHh5IZgNAw1CAccjEFD6zYF8A4_X2Wj3rnE6zYHYLDfcSx1C7iBUAoJyy1uM4TkdEBEPy334ILgdXUO0BsNYClFq Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 84C7	43 B 215 B	280ms 95ms	Image image/gif	34.197.135.169 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=812943&asId=1f14df21-3113-64a2-e28c-544f2d960486&tv=%7Bc:odNi88,pingTime:-2,time:263,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:492,bdZ:624,beA:781,beZ:782,mfA:996,cmA:997,inA:997,inZ:999,prA:999,prZ:1004,si:1009,poA:1010,poZ:1022,cmZ:1022,mfZ:1022,loA:1035,loZ:1038,ltA:1044,ltZ:1044%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:228%7D,%7Bpiv:0,vs:o,r:l,t:253%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:263,n:253,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJ1c4CJ+11%7C12*.812943-56863858%7C121%7C122%7C1231%7C131%7C14%7C15%7C1611,idMap:12*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:33,readyFired:false%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.197.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-197-135-169.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-server-name dt05.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 134D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 18 B	33ms 32ms	Document text/html	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si?st=NO_DATA pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUnSmEwbu97sSqLLEEn1DVmBcXru_UjLQD1o8PzzOJeLBAEWmOfq_f8coPATUlk; test_cookie=CheckForPermission; DSID=NO_DATA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 14 Sep 2021 20:10:28 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Tue, 14-Sep-2021 21:10:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 14 Sep 2021 20:10:28 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 14 Sep 2021 20:10:28 GMT server safe content-length 257 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A232	0 20 B	38ms 37ms	Image image/gif	142.250.180.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhQIvswFBYd7QL-fGzAbrzLqQDQAAAAA4AeAEAg&bg=!oaKloubNAAYT0U73E9E7ACkAdvg8WvP_u9kDwXibzeS-2HzQZd094UwPSDpssBlX8KBVWqQo7BgNPAIAAAChUgAAAAloAQcKAOp8zPb3ktiu-SFkGSK-e_66oJ9bIK6XKCaEz1R2qkswmSiYJTLBoRa6_HG1tKRqoCImvUxaXPTfxBdxUPoVsxcGKZXS4qSEE5WWEEcu6859Y7LWFt8n73lY2DHcPK4k55YaW06dM5BJ0BqTC_tRmVxQlICCU1mlfy-A8DM5h1k6OOcieIitC6uNGES-az4dHU-1UaFwatbsnNGmKB_2FiRJJMl1YQokNagJfsX7pyydYgGoCp-1TR8AEUF161TCGvtTZSZcfo7VoAEkYf0wajHx1D1_eqcYsjKpr6QLjUmyAk1uHO3u4q9oAD6ZApUd69Y5tL5a5C2Oh39Pq7Qe9Q72JF-BnWPgtaCLfHmRCrZjoFa7yYCuodyyHb9m5cws4FTHozd9jKZap8oxVODZkJGXtAF67DdfOdmJW4N8ck5P31oLmWs3qp4bv830PPvVWLXFusmLZpd7XfznwuRG8nwJRxka6_7-sJx8Qbcm11vgtI0fYLssi4_j9lZt8Da31mql7FEKq0DR7z8MfwZncO--bdMEUrq0mRHcUtGWz5H6juTZrz0WyVA3evjvqHXoz05r7q5lEZYCUP56XSUEkVYvEL6X7aSk0onplvzeKROrVrxWb9WGJuKz3u1BoNW-PksLKvef8E4jdToq2-72alf1y4bV7A3b51zlygGhBjQg03klPpDKp0eDU0ZhIHCTe3iMLBFpjdzF-d6FQwSIARx_UgX7Unqfwn7UIUt6FRhQYKfwxxd5wSuVm1ziLUKygVqFRFqwnnPY5nQcH0NY55Vi6yikj2UTzcpHN5B5B2TvHwE97fbDZWdySMXN0EAHIuvRSH4TePFpLmV1xNmG7nqu4U117ToKGF7hZGMALVIQ_fZmW6-wnQ9kyQ67lQ5ZVmmmC8t5SPWoK5Cn51E5fPhzFtItVqMrRutehX_yFoQ_Dfw-XjVmNbhxnRXcay-WMkvqyV07tS7TTSd07p-1f-xqHx1sco-Sq1hTQkNaIzsuUJO3sxpQYmYJw4Z_if0_rjZQPx7ziNBEcmtM6yzEOA7D-_8XJz0Gk3l73F6lsqx0bqthyUqce0Gd7rQVxRbp7bLEbSf7bpHYTLXq1jOTvwdHAp-0GX9J2aMn1ZV7mQjttQKR-nHvmdGVAEJgcZ4FBs55MjkMGSslxHiPUw7dJLq9APpPgqTlQz64wXMlzGSk5Q-r Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.180.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr25s32-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 84C7	43 B 215 B	190ms 95ms	Image image/gif	34.197.135.169 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=812943&asId=1f14df21-3113-64a2-e28c-544f2d960486&tv=%7Bc:odNi9z,time:352,type:e,im:%7Bimprf:%7Bttecl:600,ecd:35,tsecr:1%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:352,n:253,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJ1c4CJ+11%7C12*.812943-56863858%7C121%7C122%7C1231%7C131%7C14%7C15%7C1611,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.197.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-197-135-169.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-server-name dt08.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 84C7	43 B 215 B	94ms 94ms	Image image/gif	34.197.135.169 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=812943&asId=1f14df21-3113-64a2-e28c-544f2d960486&tv=%7Bc:odNid9,pingTime:-10,time:574,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1631650228415%7C%7C6e351b82b06c4c824b8cc4bb4ad8b3a4%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7Cba3bd82acc17756890c4e756d2f7e4fa%7C%7C46b56db34a3c63c2e9998781b0470a8f%7C%7C8e9de3a31be091319c70660e69c9428b%7C%7C54a41060fc8857f60c9d45682f731cee%7C%7C585c209b793872b8961e2aeb5102f007%7C%7C1629390669%7D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1631650227&psa=0&format=300x250&url=http%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&dt=1631650226667&bpp=32&bdt=684&idt=373&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=4230344363761&frm=20&pv=2&ga_vid=1602004334.1631650227&ga_sid=1631650227&ga_hid=2101465248&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C44748552%2C31062297&oid=3&pvsid=4025109234208774&pem=99&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsxSM58ai8&p=http%3A//s.yam.com&dtd=391 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.197.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-197-135-169.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 14 Sep 2021 20:10:28 GMT x-server-name dt09.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914