officialoomph.com Open in urlscan Pro
2606:4700:3033::6815:15cf Public Scan

Go To Rescan
Add Verdict Report

URL:
http://officialoomph.com/
Submission: On February 27 via api (February 27th 2024, 6:34:35 am UTC) from DE — Scanned from DE

Summary HTTP 50 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3033::6815:15cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is officialoomph.com.

This is the only time officialoomph.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3033::6815:15cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	58.222.51.1 58.222.51.1	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
16	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
50	10

5 2606:4700:3033::6815:15cf (United States)

ASN13335 (CLOUDFLARENET, US)

officialoomph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 58.222.51.1 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

static.oneinstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	403 KB
9	oneinstack.com static.oneinstack.com	1 MB
6	gstatic.com www.gstatic.com fonts.gstatic.com	81 KB
5	officialoomph.com officialoomph.com	8 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	44 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
50	7

	Domain	Requested by
16	pagead2.googlesyndication.com	static.oneinstack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com officialoomph.com
9	tpc.googlesyndication.com	www.gstatic.com tpc.googlesyndication.com pagead2.googlesyndication.com officialoomph.com
9	static.oneinstack.com	officialoomph.com
5	officialoomph.com	static.oneinstack.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	tpc.googlesyndication.com
50	9

This site contains links to these domains. Also see Links.

Domain
lempstack.com
oneinstack.com
linuxeye.com
www.alibabacloud.com
filezilla-project.org
docs.aws.amazon.com
docs.microsoft.com
t.me

Subject Issuer	Validity	Valid
static.oneinstack.com Encryption Everywhere DV TLS CA - G1	`2023-05-03` - `2024-05-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://officialoomph.com/
Frame ID: EE278E8077F02C037255FC48591F4570
Requests: 13 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: 295BD95D6EE08BF5F67FCBA2D59A5DCA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 9553B544F63B7D961E75D951D0AA2393
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1709015669323&bpp=112&bdt=116&idt=281&shv=r20240221&mjsv=m202402210101&ptt=5&saldr=sd&correlator=2010958368029&frm=22&ife=1&pv=2&ga_vid=510411456.1709015670&ga_sid=1709015670&ga_hid=1429665193&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31081136%2C95325068%2C95320378%2C95324154%2C95324160%2C21065724&oid=2&pvsid=917733176347092&tmod=564565472&uas=0&nvt=1&top=http%3A%2F%2Fofficialoomph.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.y7hqn7adm4xp&fsb=1&dtd=290
Frame ID: 3FAB7C6DE9AEF1E192A4102F0AAB2CD5
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html
Frame ID: E95399D5B10EE60173563830133FC6B4
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js
Frame ID: C4C4358E1C2878D0CCAD853C77837BBC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FB0978A4288E7AC5F8EB74957634610
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C124580FEAE2D20AB5015981E79453D1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to use OneinStack

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

50
Requests

90 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

1681 kB
Transfer

2844 kB
Size

2
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://lempstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://lempstack.com/install/
Title: Install & Docs

Search URL Search Domain Scan URL

URL: https://lempstack.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://lempstack.com/changelog/
Title: ChangeLog

Search URL Search Domain Scan URL

URL: https://oneinstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://linuxeye.com/
Title: Linux

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/faq-detail/35854.htm
Title: BROWSE DOCS

Search URL Search Domain Scan URL

URL: https://filezilla-project.org/download.php
Title: Download address

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/display-default-mysql-root-password/
Title: Display default MySQL root password

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/how-to-setup-a-remote-mysql-connection/
Title: How to setup a remote MySQL connection?

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Title: AWS Security groups

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Title: Azure Security groups

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/doc-detail/58746.htm
Title: Alibabacloud Security group

Search URL Search Domain Scan URL

URL: https://t.me/oneinstack
Title: t.me/oneinstack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
officialoomph.com/ 16 KB
4 KB 301ms
110ms Document
text/html 2606:4700:3033::6815:15cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://officialoomph.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:15cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85be66ebffef7913-CDG
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 27 Feb 2024 06:34:26 GMT
Last-Modified: Fri, 27 Oct 2023 08:15:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpXsBof03gF4FgmLQqMwar%2FuW1dB5GCxOmH%2B13s49IQD2sRVmutbR7JnlDXHlvZB4qbeUSNFBsOAgdpB9e39oCGP5kyEhrthBue9lfPCpEQl0%2Bdwf1xjZHF7slPekGPR0inEZHphappLt0Dw5X0qXg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK ois.css
static.oneinstack.com/assets/ 139 KB
22 KB 2667ms
341ms Stylesheet
text/css 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois.css

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Fri, 23 Feb 2024 10:22:38 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Age: 331911
x-link-via: taizct103:443;lismp12:443;
X-Cache-Status: HIT from KS-CLOUD-LIS-MP-12-35, HIT from KS-CLOUD-TAIZ-CT-103-11
Connection: keep-alive
Content-Length: 21572
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
ETag: W/"64dd97eb-22ce3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
X-Cdn-Request-ID: fca103153821ba7133ba3918ff4bf443
Expires: Sun, 24 Mar 2024 10:22:38 GMT

GET
H/1.1 200
OK vhost.png
static.oneinstack.com/images/ 379 KB
380 KB 2680ms
328ms Image
image/png 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost.png

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 15:08:16 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:53 GMT
Server: nginx
Age: 2301973
x-link-via: taizct103:443;ldmp12:443;
ETag: "64dd97f1-5ece5"
X-Cache-Status: HIT from KS-CLOUD-LD-MP-12-18, HIT from KS-CLOUD-TAIZ-CT-103-30
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: af10f7f13b65296a643a22552a85016a
Content-Length: 388325
Expires: Fri, 01 Mar 2024 15:08:16 GMT

GET
H/1.1 200
OK vhost_del.png
static.oneinstack.com/images/ 47 KB
48 KB 3810ms
1455ms Image
image/png 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost_del.png

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 02:44:56 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:53 GMT
Server: nginx
Age: 2173774
x-link-via: taizct103:443;whmp01:443;
ETag: "64dd97f1-bd02"
X-Cache-Status: HIT from KS-CLOUD-WH-MP-01-02, HIT from KS-CLOUD-TAIZ-CT-103-27
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 7b89262f3d7dc0b8b2358cdd95462383
Content-Length: 48386
Expires: Sun, 03 Mar 2024 02:44:56 GMT

GET
H/1.1 200
OK pureftpd.png
static.oneinstack.com/images/ 131 KB
132 KB 2715ms
349ms Image
image/png 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/pureftpd.png

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Fri, 23 Feb 2024 16:41:59 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 309150
x-link-via: taizct103:443;lymp01:443;
ETag: "64dd97f0-20c9f"
X-Cache-Status: HIT from KS-CLOUD-LY-MP-01-25, HIT from KS-CLOUD-TAIZ-CT-103-18
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 09effc20cae416c134b8b8972ce1c286
Content-Length: 134303
Expires: Sun, 24 Mar 2024 16:41:59 GMT

GET
H/1.1 200
OK backup_setup.png
static.oneinstack.com/images/ 118 KB
119 KB 2867ms
313ms Image
image/png 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/backup_setup.png

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Fri, 23 Feb 2024 10:22:38 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:48 GMT
Server: nginx
Age: 331911
x-link-via: taizct103:443;whmp01:443;
ETag: "64dd97ec-1d97f"
X-Cache-Status: HIT from KS-CLOUD-WH-MP-01-12, HIT from KS-CLOUD-TAIZ-CT-103-17
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: b78fc7159b19e5e4346f3ab7aabce6e9
Content-Length: 121215
Expires: Sun, 24 Mar 2024 10:22:38 GMT

GET
H/1.1 200
OK upgrade.png
static.oneinstack.com/images/ 145 KB
146 KB 3031ms
346ms Image
image/png 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/upgrade.png

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Fri, 23 Feb 2024 10:22:39 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 331910
x-link-via: taizct103:443;jnmp22:443;
ETag: "64dd97f0-24505"
X-Cache-Status: HIT from KS-CLOUD-JN-MP-22-08, HIT from KS-CLOUD-TAIZ-CT-103-07
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: b9f3d9c2ec06c5cd0f921807de27387a
Content-Length: 148741
Expires: Sun, 24 Mar 2024 10:22:39 GMT

GET
H/1.1 200
OK uninstall.png
static.oneinstack.com/images/ 234 KB
235 KB 1016ms
1015ms Image
image/png 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/uninstall.png

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Fri, 23 Feb 2024 16:55:19 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 308351
x-link-via: taizct103:443;jnmp13:443;
ETag: "64dd97f0-3a9a8"
X-Cache-Status: HIT from KS-CLOUD-JN-MP-13-18, HIT from KS-CLOUD-TAIZ-CT-103-04
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 1c3aec22b9eb77a1527af478b36939ec
Content-Length: 240040
Expires: Sun, 24 Mar 2024 16:55:19 GMT

GET
H/1.1 200
OK ois20190114.js Show response
static.oneinstack.com/assets/ 203 KB
61 KB 3566ms
1249ms Script
application/javascript 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois20190114.js

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 08:53:23 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Age: 2238067
x-link-via: taizct103:443;lismp12:443;
X-Cache-Status: HIT from KS-CLOUD-LIS-MP-12-04, HIT from KS-CLOUD-TAIZ-CT-103-24
Connection: keep-alive
Content-Length: 62047
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
ETag: W/"64dd97eb-32de6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
X-Cdn-Request-ID: 438279e23f402ca1980a28698b7a5757
Expires: Sat, 02 Mar 2024 08:53:23 GMT

GET
H/1.1 200
OK ad_buttom.html Show response
static.oneinstack.com/ Frame 295B 629 B
970 B 2552ms
276ms Document
text/html 58.222.51.1
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/ad_buttom.html

Requested by

Host: officialoomph.com
URL: http://officialoomph.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

58.222.51.1 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://officialoomph.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 2388205
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 403
Content-Type: text/html
Date: Tue, 30 Jan 2024 15:11:04 GMT
ETag: W/"64dd97eb-275"
Expires: Thu, 29 Feb 2024 15:11:04 GMT
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
X-Cache-Status: HIT from KS-CLOUD-NT-MP-01-30 HIT from KS-CLOUD-TAIZ-CT-103-03
X-Cdn-Request-ID: 4a34c214673e92df2a217fa18ed04d10
x-link-via: taizct103:443;ntmp01:443;

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 295B 25 KB
11 KB 110ms
58ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b48cfc83db2b82ddfb01df7f30572d7468629fab7ec76234074d8d3552b3b7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:34:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10521
x-xss-protection: 0
server: cafe
etag: 10353281354250900348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 06:34:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 295B 146 KB
50 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a603f579262df7d9aa8eb23f25f48aa8f2f96c03825641ad656831d571fe3f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:34:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51126
x-xss-protection: 0
server: cafe
etag: 9513358696945312900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 27 Feb 2024 06:34:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ Frame 295B 408 KB
138 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4157113266001782&plah=static.oneinstack.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92703d03713e8eb6eec99ff3d3f4e249eb570659523d6c6958ceae82238c5a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:34:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141469
x-xss-protection: 0
server: cafe
etag: 10060271347394353761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 06:34:29 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 9553 9 KB
5 KB 75ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 19:31:37 GMT
etag: 9539045072340585784
expires: Mon, 11 Mar 2024 19:31:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 295B 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-4157113266001782&eid=44759875%2C44759926%2C44759837%2C31081136%2C95325068%2C95320378%2C21065724

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:34:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FAB 125 KB
40 KB 471ms
471ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1709015669323&bpp=112&bdt=116&idt=281&shv=r20240221&mjsv=m202402210101&ptt=5&saldr=sd&correlator=2010958368029&frm=22&ife=1&pv=2&ga_vid=510411456.1709015670&ga_sid=1709015670&ga_hid=1429665193&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31081136%2C95325068%2C95320378%2C95324154%2C95324160%2C21065724&oid=2&pvsid=917733176347092&tmod=564565472&uas=0&nvt=1&top=http%3A%2F%2Fofficialoomph.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.y7hqn7adm4xp&fsb=1&dtd=290

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4157113266001782&plah=static.oneinstack.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

979557a70e4435426348cae5aabe89fb96c9572c977d45b0a54528ba4986887c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40816
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 06:34:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a557c05b701b7d3041e507ef957cdd82.js Show response
www.gstatic.com/mysidia/ Frame 3FAB 8 KB
4 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a557c05b701b7d3041e507ef957cdd82.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1709015669323&bpp=112&bdt=116&idt=281&shv=r20240221&mjsv=m202402210101&ptt=5&saldr=sd&correlator=2010958368029&frm=22&ife=1&pv=2&ga_vid=510411456.1709015670&ga_sid=1709015670&ga_hid=1429665193&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31081136%2C95325068%2C95320378%2C95324154%2C95324160%2C21065724&oid=2&pvsid=917733176347092&tmod=564565472&uas=0&nvt=1&top=http%3A%2F%2Fofficialoomph.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.y7hqn7adm4xp&fsb=1&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 18:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3757
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 May 2024 18:18:39 GMT

GET
H2 200 18237942aa2fcadce968187580046b2b.js Show response
www.gstatic.com/mysidia/ Frame 3FAB 41 KB
16 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/18237942aa2fcadce968187580046b2b.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3708c7138c901b15c9340b98a893545cdcb905c7f707a36dd93ea4ef6c5088be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16341
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 May 2024 16:10:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3FAB 2 KB
822 B 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:21:02 GMT

GET
H2 200 f30634b4a3ab8fb661763ee5d6c29381.js Show response
www.gstatic.com/mysidia/ Frame 3FAB 22 KB
9 KB 91ms
42ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f30634b4a3ab8fb661763ee5d6c29381.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e38585fe1420e1227de54c45057bfbe84ae69461b8ba4e4fc5bbd1a2b31484c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 18:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9382
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 May 2024 18:37:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 3FAB 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 00:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 00:11:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3FAB 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 00:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 00:11:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3FAB 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:21:01 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3FAB 204 KB
61 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 07:11:52 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 3FAB 36 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 18:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 May 2024 18:18:39 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/ Frame E953 12 KB
5 KB 72ms
23ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/18237942aa2fcadce968187580046b2b.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f0d8b99860f7c01c3a41625c1ccb4e693cf52efcdf16e95c657d4e704666c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 248147
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3165
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 09:38:43 GMT
expires: Sun, 23 Feb 2025 09:38:43 GMT
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3FAB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abe4d6a63210d47fd2f4712d4558c99066f0d00f729e499846475c67e497ff3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3FAB 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvkhbdYLdZc3HJ6CA1fAPiJOjyAqS7LikbKjwmeyUEN2zpJ6RDhABIPbBmBVglQKgAeK_oeIDyAEJqQK4m8FoJdeoPqgDAcgDSKoEiQJP0A39JI2TO937IAUrlwHzKhC6PYd-G2LswzS07gLfLgN_kIs9pwXPJI9oiwtw940qqn4R1dPxuYTCEPOLm_o2dS8EFJaato99MAYx3p2RY2oBRJuBhgsaiyzPEV7RM85ekYoghARUqDvMuPrOvswGhTNTOxx4D9J_ztk7FEtsVjcOyXdajGj8GURIHYI3lhH-sf7RHEy5ID6RBBh_nTeiuCln1E4bK5_G113sQmE8QfSdgaE3lHB7izUNzWArQiJ9W_P_s3I7A_im6hw07IEqS0GVJG3CYp1yiE9yB2VsvR3F33mc00KboTwhZCnlcomtWNBNB5DPQnjTv0dtEF3esTn6dS6zLYX3wASGpPK_hwSIBYiKwvs-kgUECAQYAZIFBAgFGASgBi6AB4bA3h2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBDKxQjSCCkIkeGAcBABGB8yBeuLgIAgOgmAQICAgICAlAhIvf3BOljc952_88qEA5oJZWh0dHBzOi8vZG93bmxvYWQucGNzeXN0ZW1maXguY29tL2RyaXZlcnMvP2JyYW5kPVdpbmRvd3MmbG9nbz13aW5kb3dzJnRtPXR0JmFwPWdhZHMmYWFpZD1hZGE4WERZSkNWNU53gAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTQxNTcxMTMyNjYwMDE3ODIYAA&sigh=ZdpGZ3TK7ZA&uach_m=%5BUACH%5D&ase=2&template_id=419&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1709015669323&bpp=112&bdt=116&idt=281&shv=r20240221&mjsv=m202402210101&ptt=5&saldr=sd&correlator=2010958368029&frm=22&ife=1&pv=2&ga_vid=510411456.1709015670&ga_sid=1709015670&ga_hid=1429665193&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31081136%2C95325068%2C95320378%2C95324154%2C95324160%2C21065724&oid=2&pvsid=917733176347092&tmod=564565472&uas=0&nvt=1&top=http%3A%2F%2Fofficialoomph.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.y7hqn7adm4xp&fsb=1&dtd=290
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 27 Feb 2024 06:34:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E953 6 KB
3 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Feb 2024 17:12:51 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E953 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13986
x-xss-protection: 0
server: cafe
etag: 13700676731869450326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Feb 2024 16:47:22 GMT

GET
H2 200 09e3ae817a80cd0f9f791f2eefa86ac4.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/ Frame E953 68 KB
18 KB 30ms
30ms Script
application/x-javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/09e3ae817a80cd0f9f791f2eefa86ac4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169e3c51a7a58fa3d836e93b992016d278c798a57e0034ed33c2b8a450fd6301

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Wed, 26 Feb 2025 05:02:02 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 05:02:02 GMT
age: 5548
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18044
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 css
fonts.googleapis.com/ Frame E953 5 KB
1 KB 86ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/09e3ae817a80cd0f9f791f2eefa86ac4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5231125d84d6567c2b0d651a9175ba7a46902fc1ccae6196a8cae2f8072dbe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 06:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:34:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 06:34:30 GMT

GET
H3 200 cdca4b68d1e702f1982f67810c2e1c6d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/media/ Frame E953 5 KB
5 KB 25ms
24ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/media/cdca4b68d1e702f1982f67810c2e1c6d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47c16b8572a745ba01457021e38c6f958fdcc41876ef32fa49e2a97a139cefa3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 09:53:32 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 21 Feb 2024 09:53:32 GMT
x-content-type-options: nosniff
age: 506458
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4944
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d098b47960dcb101465098122d640546.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/media/ Frame E953 3 KB
3 KB 23ms
23ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/media/d098b47960dcb101465098122d640546.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3461b8bfdf0315c93cf7045079adebd94b648c2cb79b81d75dc54d6b5be57a3d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8804646993813672905/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Sun, 23 Feb 2025 22:56:19 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 24 Feb 2024 22:56:19 GMT
x-content-type-options: nosniff
age: 200291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2775
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E953 15 KB
16 KB 75ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 04:41:44 GMT
x-content-type-options: nosniff
age: 93166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 04:41:44 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame E953 20 KB
20 KB 81ms
27ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 06:31:48 GMT
x-content-type-options: nosniff
age: 345762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 06:31:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 295B 16 KB
12 KB 111ms
67ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d3c85ee35debe27b54888804ed0744674ceae262b27b686101f9c7eba739d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12489
x-xss-protection: 0

GET
H3 200 44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js Show response
pagead2.googlesyndication.com/bg/ Frame C4C4 51 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 514598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19803
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 07:37:52 GMT

GET
H3 200 44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js Show response
pagead2.googlesyndication.com/bg/ Frame E953 51 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 514598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19803
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 07:37:52 GMT

HEAD
H/1.1 200
OK phpinfo.php Show response
officialoomph.com/ 0
622 B 90ms
90ms XHR
text/html 2606:4700:3033::6815:15cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://officialoomph.com/phpinfo.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:15cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:34:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjz%2BzaTv0R7GUo1xV7YC%2B8i1sU41OAJH4CjyrX0h8dD20fVMM7U6Cp%2FjxQJeHHtnPw3LOsGPU0dbiNTEZ9ERRSusOqOzNByAPnskSKQ5uaEbtRC7l9sS%2F6AebyVDdwpKEBiqfCam6j16KgZvKWWnyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
CF-RAY: 85be67056ab97913-CDG
alt-svc: h3=":443"; ma=86400

HEAD
H/1.1 200
OK ocp.php Show response
officialoomph.com/ 0
620 B 97ms
97ms XHR
text/html 2606:4700:3033::6815:15cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://officialoomph.com/ocp.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:15cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:34:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DARX2PJbQlL6Oh7SjIt1fEYPt22tNMul9tdM8WDwbtcy0cwyjxfmdXdzmtVSnoftlkHzw9ejJeQ1xntgb%2BYoWYH%2FkrUi2vyglZE660elCNMAZ5jtVPDAqXakIbrUDQ9%2BT5i6pafwEIXHZ2VpZqf6Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
CF-RAY: 85be6705fb237913-CDG
alt-svc: h3=":443"; ma=86400

HEAD
H/1.1 200
OK index.php Show response
officialoomph.com/phpMyAdmin/ 0
2 KB 116ms
116ms XHR
text/html 2606:4700:3033::6815:15cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://officialoomph.com/phpMyAdmin/index.php

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js

Protocol

HTTP/1.1

Server

2606:4700:3033::6815:15cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy	default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
Date: Tue, 27 Feb 2024 06:34:30 GMT
Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Permitted-Cross-Domain-Policies: none
Content-Encoding: gzip
X-ob_mode: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Tue, 27 Feb 2024 06:34:30 +0000
Server: cloudflare
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcphJYAX1Da498axpN6v4lhlsDJL8iA7SrLYqx2xD9rWUfTkDgDiMJFfCIdStxmtrLCK8Hz7iDtsSjm%2BgK1OOTnlX7AW0dDsnCJDGeYRmjvOOR12QPjt49xEw9hja%2BtSFjbN6tNISKiz4SdfxDBFRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
X-Robots-Tag: noindex, nofollow
CF-RAY: 85be67069b937913-CDG
X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
Expires: Tue, 27 Feb 2024 06:34:30 +0000

HEAD
H/1.1 200
OK xprober.php Show response
officialoomph.com/ 0
626 B 96ms
96ms XHR
text/html 2606:4700:3033::6815:15cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://officialoomph.com/xprober.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:15cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://officialoomph.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:34:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLGbth8gSeUSbJO%2B0YdWy1yoHHq3z%2Bl9ljBlL7qSjc8xZagSpRizVjA7h%2B%2FCKNMG3lWYLderxQ66Iin6XB3Vopniy%2BhJh0NohqxT7dRK%2BrMUPpX9JvyHjuJHeFeSJr5fp23o7HBjwXor7ZZwlG6Gnw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
CF-RAY: 85be67075c057913-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 295B 17 KB
6 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:34:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FB0 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 21:37:18 GMT
expires: Tue, 25 Feb 2025 21:37:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C124 829 B
1 KB 85ms
32ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e144d7490f8cb3f180e592d34bb96efb6c473a7c9b2d048f487d512d03e52091

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XVbQV7Xd3ZrrHg_U-9A0AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XVbQV7Xd3ZrrHg_U-9A0AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 06:34:31 GMT
expires: Tue, 27 Feb 2024 06:34:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FB0 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 00:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 00:11:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C124 0
0 52ms
52ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=917733176347092&rc=
Requested by: Host: officialoomph.com
URL: http://officialoomph.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3FB0 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gRfe9Q
Requested by: Host: officialoomph.com
URL: http://officialoomph.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:34:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 295B 0
0 54ms
54ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=917733176347092&bg=!FBelF1jNAAZ3BdUuVwU7ADQBe5WfOKYMwHOZbwcSfj1JmicakCtTGqQg2wI5XfaH48lU2zjEXqGYn4iUK6-J2lEB_nrGAgAAAD1SAAAAAmgBB5kDEc6NuBBELxB8qIqstDL4IyJ4UR5VJc_2jSqQ83cUiwS-CrFhaDCT-YeEX-unby-ySxqip1lvpKOgCNoQFUzVILmlPFtOUSXCpkjgOZqPpM9Sn95uRjqeEh-Eh4uy_y8e-QUqWcoNYw70JLNvWeEXyR2uh6XziHR1om_84ZIW07xIRp4shlvDinZZ254ptOIERRhWF8HN3avoV9SIFpOCYEe27oCP0NVcNUWIJxyPjGwShK9_waonzyIiCZVpJKDKR_RLEQSxyPCLDKYY6d44J3fVrdCjM9V9b84Gdxx_i0HXxQpe5_m5pkL7nBGoD3nHBMpfV4ajtGpNlJrf9paDqcD9Sy2dSgw4R0iZQOEW7oLVkXJdxO-vFJNknNrkHlkcMHRW3MUeM_h-IAAV8HH-0J6w9eEfAqD9r5daDe4KdNuWUMIKG04XZjRb94dxNXX3w__UI3GRJaqWZIrAIj2hpABgJKWoXS-gw985A0m22jZGoamgZt1c5HUETmT4lX8-5U0tFtilskXI5huJNcnUS4Bd1R3AHo60_M-v9MTEpsB0S1AuodJFrAtMXT9zuKOBjEX0zh5SQWpYjrHgUnym_IS8W64AXNBmBnkqQAAjB3UVFokkZh1HEqYuMIyXhdHPqFYxQJlsFS2IWuUQMOG6KqSK2SluWgOZu-zbJHXaTbWJlbsXzgUY961ybCzOFWfC3ulCnQ8EYuRTjUxr7Y6GHeuQ3Hg4kYyn3J81NLOidAAswrghqe5WD_MvvbvjolzcoM21RvQGZMMd10fde2J-SLsMKF4NwLW9SuaD9A--nOTr6unn1fJ97BK5Ecoa76BBr1aHy8n9p-uqBPN9Knh4IGQFL_v5uwcgmLVs4yskgSdrwlTPThLhkCxufTCCMhOOAkefDGxW25Npyf9G8QbPdcjiOwKbZrDiQ4jd3MViSo8A5yoz_wMIqbzcWMtgcN3_SvT7O_H-GIHz5vc4InN0RpzJ842LA6oEPQWl-cmum9Yxooj844w5dadP78d-jy4qlJL4s4liC3peiNmMrC7Ysi2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FAB 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHVOVZOQVp1Kw4y6X4nAqaqNHfQSdFZ-cmkwmPjHFBX2Sg0QWod5qjhP44vKuLhdlcYRINxkTVvhVN0xE_hX971b2zL7R-YBtZ_t-iY_L1e2DMV4wnsXjbPYSsm1upsYsWJyxt10lEiJkx74K_AtSDtTMzVEACBGY0eUzH9Q&sig=Cg0ArKJSzO3D3GrJXZbxEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3616527039&rs=2&la=0&cr=0&vs=4&r=v&co=494847000&rst=1709015669615&rpt=616&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			officialoomph.com/phpMyAdmin/	1970-01-20 19:26:47	Name: pma_lang Value: de
			officialoomph.com/phpMyAdmin/	1969-12-31 23:59:59	Name: phpMyAdmin Value: 0ji91dr6muvlqojj0d6kdet022

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
officialoomph.com
pagead2.googlesyndication.com
static.oneinstack.com
tpc.googlesyndication.com
www.google.com
www.gstatic.com
2606:4700:3033::6815:15cf
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
58.222.51.1
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
169e3c51a7a58fa3d836e93b992016d278c798a57e0034ed33c2b8a450fd6301
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3461b8bfdf0315c93cf7045079adebd94b648c2cb79b81d75dc54d6b5be57a3d
3708c7138c901b15c9340b98a893545cdcb905c7f707a36dd93ea4ef6c5088be
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
47c16b8572a745ba01457021e38c6f958fdcc41876ef32fa49e2a97a139cefa3
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f0d8b99860f7c01c3a41625c1ccb4e693cf52efcdf16e95c657d4e704666c5
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
71d3c85ee35debe27b54888804ed0744674ceae262b27b686101f9c7eba739d3
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
92703d03713e8eb6eec99ff3d3f4e249eb570659523d6c6958ceae82238c5a57
9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
979557a70e4435426348cae5aabe89fb96c9572c977d45b0a54528ba4986887c
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
a5231125d84d6567c2b0d651a9175ba7a46902fc1ccae6196a8cae2f8072dbe6
a603f579262df7d9aa8eb23f25f48aa8f2f96c03825641ad656831d571fe3f3f
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
abe4d6a63210d47fd2f4712d4558c99066f0d00f729e499846475c67e497ff3a
b48cfc83db2b82ddfb01df7f30572d7468629fab7ec76234074d8d3552b3b7ba
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e
e144d7490f8cb3f180e592d34bb96efb6c473a7c9b2d048f487d512d03e52091
e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17
e38585fe1420e1227de54c45057bfbe84ae69461b8ba4e4fc5bbd1a2b31484c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

officialoomph.com Open in urlscan Pro 2606:4700:3033::6815:15cf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

90 %HTTPS

89 %IPv6

7 Domains

9 Subdomains

10 IPs

3 Countries

1681 kBTransfer

2844 kBSize

2 Cookies

14 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

officialoomph.com Open in urlscan Pro
2606:4700:3033::6815:15cf Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

90 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

1681 kB
Transfer

2844 kB
Size

2
Cookies

50 HTTP transactions
1 data transactions