rpupdate.cc Open in urlscan Pro
2606:4700:3030::6815:317a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rpupdate.cc/
Effective URL:
https://rpupdate.cc/
Submission: On January 03 via api (January 3rd 2024, 9:14:01 pm UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 19 domains to perform 126 HTTP transactions. The main IP is 2606:4700:3030::6815:317a, located in United States and belongs to CLOUDFLARENET, US. The main domain is rpupdate.cc.
TLS certificate: Issued by GTS CA 1P5 on November 11th 2023. Valid for: 3 months.

This is the only time rpupdate.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:9137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:303... 2606:4700:3030::6815:317a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
4	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1 5	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.132.155.94 18.132.155.94	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.222.139.78 52.222.139.78	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.21 18.239.50.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	13.42.80.79 13.42.80.79	16509 (AMAZON-02) (AMAZON-02)
126	32

1 2606:4700:3035::ac43:9137 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rpupdate.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3030::6815:317a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rpupdate.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.219.174 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal900029.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.155.94 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-155-94.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-78.ams50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-21.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.80.79 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-80-79.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	786 KB
17	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 316880	128 KB
17	rpupdate.cc 2 redirects rpupdate.cc	700 KB
14	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	162 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 47118 hal900029.redintelligence.net — Cisco Umbrella Rank: 464684	56 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	375 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 35667 api.webgains.io — Cisco Umbrella Rank: 70957	19 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 39084 medialead.de — Cisco Umbrella Rank: 38855	851 B
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6 adservice.google.com — Cisco Umbrella Rank: 189	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	193 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 77762	3 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15485	705 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 60073	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 340274	923 B
126	19

	Domain	Requested by
26	pagead2.googlesyndication.com	rpupdate.cc pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net rpupdate.cc tpc.googlesyndication.com pagead2.googlesyndication.com
17	rpupdate.cc	2 redirects rpupdate.cc
10	www.gstatic.com	googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com rpupdate.cc googleads.g.doubleclick.net
5	hal900029.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900029.redintelligence.net
5	www.googletagmanager.com	rpupdate.cc www.googletagmanager.com adv.office-partner.de
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900029.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net hal900029.redintelligence.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net rpupdate.cc
2	api.webgains.io	analytics.webgains.io
2	8019191.fls.doubleclick.net	1 redirects rpupdate.cc
2	pv.medialead.de	hal900029.redintelligence.net googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googleadservices.com	rpupdate.cc
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	rpupdate.cc
1	adv.office-partner.de	hal900029.redintelligence.net
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn0.gstatic.com	rpupdate.cc
1	encrypted-tbn2.gstatic.com	rpupdate.cc
1	encrypted-tbn3.gstatic.com	rpupdate.cc
1	ad.doubleclick.net	googleads.g.doubleclick.net
126	32

This site contains links to these domains. Also see Links.

Domain
discord.gg
twitch.tv
www.tiktok.com
ptb.discord.com

Subject Issuer	Validity	Valid
rpupdate.cc GTS CA 1P5	`2023-11-11` - `2024-02-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://rpupdate.cc/
Frame ID: 8AC641850EBD58B3245CED7581C0084E
Requests: 32 HTTP requests in this frame

Frame: https://rpupdate.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 1FBA1B22A6977E4C03369088E62356C4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Frame ID: 742BEB72860111604DE929F8AA0D7E8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7569422957845047&output=html&adk=1812271804&adf=3025194257&lmt=1704306220&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Frpupdate.cc%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704316436928&bpp=1&bdt=375&idt=211&shv=r20240102&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5780752940309&frm=20&pv=2&ga_vid=1203746567.1704316437&ga_sid=1704316437&ga_hid=1451310748&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080114%2C31080182%2C21065725&oid=2&pvsid=3859611039195281&tmod=977469520&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: A1E84336F8413CC691E94B40BEF21256
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D6A7E547D3E6DD13C655F05EFA6F9BDD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8FB63CE3E863FCB68027C2614DE498C7
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3EF845BEFC8A2C18D36706140BB74749
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUH9ibM9wtuIHIuIZhSjmpDEuTxg6sILaGzfoNcTv5orYmVneYjwGQT1nFelwNoEBOqU1y0JLTFqXkmX_BLT7BE6j0Fo0N_GSPLiLwlS91pxATY8nxf0tWRaGTXmkfvn8QhxLbdSXj8Ue3bKOrYI4lx3uqND8X55oK-hs1CGV4YNMg1-W8
Frame ID: 88779361C2E285D79E1AFD28D41BC596
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 076ADB959EB5DF72C9CF51B0D505C441
Requests: 21 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 94F4DB516112FCE51C56CD22C106485B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 120EAF8AC20F3FE11ACC949A05C937DF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: C62E9184D46B089146833D498C8EB90D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 66F6A8992FF2C8D39860332E6A49B6CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ABB2735D34267330D82A6AA08AEB9F90
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 0C290C7401445A9845CE6350A433EFDE
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 5BB35628F5F523994B77F04588487F8E
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504
Frame ID: AC024A1F3CFCCA1B6A923705359EE5C0
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
Frame ID: BFC7A38E1F4E64379C948C5CC05BC9D2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 285C875197D1E12C12A77597BB5E2A9A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE18FB900577F4959D4747BB51A1D570
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RPupdate – nerfnet

Page URL History Show full URLs

http://rpupdate.cc/ HTTP 301
https://rpupdate.cc/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

126
Requests

92 %
HTTPS

55 %
IPv6

19
Domains

32
Subdomains

32
IPs

6
Countries

2448 kB
Transfer

5695 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/rpu
Title: Discord

Search URL Search Domain Scan URL

URL: https://twitch.tv/rpupdate_cc
Title: Twitch

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@rpupdate
Title: TikTok

Search URL Search Domain Scan URL

URL: https://ptb.discord.com/channels/534015515639808010/1129219394577367061
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rpupdate.cc/ HTTP 301
https://rpupdate.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://rpupdate.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rpupdate.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZXOFnJga1hu3IWHHsD6pAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJs3QBET2PYtPKHBEOjSF7Q&google_cver=1

Request Chain 59

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMTU3MjkwOTk0NTUzMTIxNg%3D%3D

Request Chain 81

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
https://tpc.googlesyndication.com/simgad/3995853839924061625

Request Chain 85

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckwy5Fc6VZd_rC7nK1fAPqJyrgAHOs56SdaGki9y1Ernu8MiqARABILSo9nxglbr9gZQHoAGhwJjxKMgBCagDAcgDywSqBIMCT9B4vm5x6GfvrtsyEe5LkNCNqoBTabyXKi69vCNcHQVh6JuP9RtZjOvZpC3Ip4v3Ip9lv_4nEDZQ4C4a8gNWaz-pZhTA8Ge_av2PDs30I7R38REo3BresBjEWLL1zhuSn2svPlq9CjiA9jX1mrQlj6gi-YpLJuo-wYF4Cv_EBZehmH5ycEiEQi0vLm4rMAEGaqOlvMIqrCmvHT5L7x-g1mfFjcrtn1wwl9xiIFA7RL_YftEuB0Z3nK3jV5sohHgqlotTcK8JiQBc4wr9fJBlD_cDPb2bcTttzyMQp_hvKhiZW2xIMmc_KPfZCSC30L-3wl9E7gxxk9J2VAWNYnV5H_wbXcAEvsrGhcgEiAXJ_Ke7TZIFBAgEGAGSBQQIBRgEoAYugAed_KSjBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDO1wLSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDmgmEAmh0dHBzOi8vd3d3LnRlbXUuY29tL2RlLWVuL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9NzZ-ZW5-RVVSJmdvb2RzX2lkPTYwMTA5OTUxMjgwOTIzMiZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QxNjIwMTYyLTImdG9waWNfY2xhc3NpZnk9MTEwgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BMM0BUBgBcBshccChoIABIUcHViLTc1Njk0MjI5NTc4NDUwNDcYAA&sigh=P-ZAkEZpBtI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212239671182106817819%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215259609860774048321%22}&andc=true

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7569422957845047%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frpupdate.cc&random=6177523057862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7569422957845047%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frpupdate.cc&random=6177523057862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 98

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504

Request Chain 100

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent=

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rpupdate.cc/
Redirect Chain

http://rpupdate.cc/
https://rpupdate.cc/

211 KB
28 KB

168ms
64ms

Document
text/html

2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3745650a0655f51558a6bacd4dc356b2e8ad89698fbdd44920efd52e682138a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1711
alt-svc: h3=":443"; ma=86400
cache-control: max-age=10800
cf-cache-status: HIT
cf-ray: 83fe3fa039d96fcf-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 21:13:56 GMT
last-modified: Wed, 03 Jan 2024 18:23:40 GMT
link: <https://rpupdate.cc/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRB%2BEP1kqWFevy4gr70e6q3hjM5HGrPt8lgS8L1V0sLVrPJcTdbRgo0QmsnFXy3MmXdd6d0f5G79G6xoTkPbyd%2B1Ogx4Tq4U2Uc%2BYGt0ffUqvVzwKwjuFUqiCUkLWDP1TAr%2FouwrEQnLsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: wp-load-alloptions-query;dur=0.81, wp-before-template;dur=113.49
vary: Accept-Encoding
x-served-by: rpupdate.cc

Redirect headers

CF-RAY: 83fe3f9f0faf3c80-CDG
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 03 Jan 2024 21:13:56 GMT
Expires: Wed, 03 Jan 2024 22:13:56 GMT
Location: https://rpupdate.cc/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIWb4%2B1EZDZWvK0z0%2Fgof6YNAec9vS6NIs4T%2BDndtrtVBnkR03jAkk1IPvjYH4K1QV6Rr6SYwEUt4HU43yDSFczoYBiCJ9GSrLqJe%2BuKGGawObK%2F1ET5BqD5aM%2Bs1A8%2BHYuIjK57fdbSlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 2scp8.css
rpupdate.cc/wp-content/cache/wpfc-minified/fcv8rtgy/ 16 KB
3 KB 59ms
58ms Stylesheet
text/css 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/cache/wpfc-minified/fcv8rtgy/2scp8.css
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21861
etag: W/"6556ecca-4096"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kIFY%2FjSMnKqU9Wx5YEj2iF%2FlMuEtZFQ01yJbGpdPtkqW8ItyazsOolfU9cTvnOv1XE3MgiIYqw6F9fra%2FTaLsgtddxnVQT7f%2FmWzoAOzZz49qgz0XwIufbpzgZINDKoyq%2B9%2FwwLtT9V1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=64960
cf-ray: 83fe3fa0aa9b6fcf-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
H2 200 2scp8.css
rpupdate.cc/wp-content/cache/wpfc-minified/e303x75r/ 7 KB
2 KB 59ms
59ms Stylesheet
text/css 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/cache/wpfc-minified/e303x75r/2scp8.css
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20071
etag: W/"6556ecca-1b43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJ2RbiYU4S17G5F79mL1WoZjmFb5ev0JrVPi9KN2Ii1bCxExq8wBNe1RAJjVXgrrdaKCXgbUutw7s67liqjv4Hpni6CPVxqVAGa3So%2BfoEOUzSF920YkBet3Hg1y3n3u1sGMwbTb5Pw%2BiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=72326
cf-ray: 83fe3fa0aa9c6fcf-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
H2 200 dk8dn.css
rpupdate.cc/wp-content/cache/wpfc-minified/k9e4vack/ 59 KB
35 KB 61ms
61ms Stylesheet
text/css 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/cache/wpfc-minified/k9e4vack/dk8dn.css
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a426640cdcdf0d4e18a90617020acd46e42d5fac92dbfd31cc015a70e9f80780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31757
etag: W/"656e4e35-ea19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsabUbwx%2FgZX7UtF3okIvBm5OqY0OtVm0lVsFDmf4Uxaf%2BAsWzy2DY0NurTZJjFycx5rC1%2B4FNo5xVL4MoKBmR3qSqSjmK4OkqmvH47zzuIzpmQNR33LEev0ssRQHYcbTOz6YIkjS%2FGhzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=10800
cf-ray: 83fe3fa0aa9d6fcf-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
H2 200 dkcz3.js Show response
rpupdate.cc/wp-content/cache/wpfc-minified/2f1d8hcc/ 141 KB
49 KB 80ms
79ms Script
application/javascript 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/cache/wpfc-minified/2f1d8hcc/dkcz3.js
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d056bbfc29582162b5cdd50ec0518d83ee62ac53b79b4a7ef61b55c464d8d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5964
etag: W/"656e5011-23222"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEuzXzXG%2F5%2FVuA6%2BnBmrT99%2BGVEBpO8PR%2Bx5SovoMGQnhxvMdzslwKlyABwOKpVFejNF8hMdeInQiXzrHyfojIo5NtWclE6oOmjqw2ysU1KD%2Bn3SOfueDM20EKZq19w6UIzqozv6HrdCvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
cf-ray: 83fe3fa0aaa06fcf-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 168ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192687059-2

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f62d40d47eed13aee39f8f64f6ed573af9f881e51060db6278d95212383a8c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 21:13:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 174ms
89ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7569422957845047&host=ca-host-pub-2644536267352236

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe36bd86ad5409f02920700b893a8a11643b2a62d422cde6618a800e7f9e5734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpupdate.cc/
Origin: https://rpupdate.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51291
x-xss-protection: 0
server: cafe
etag: 5895415361430061973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:56 GMT

GET
H2 200 wpa.js Show response
rpupdate.cc/wp-content/plugins/honeypot/includes/js/ 4 KB
2 KB 101ms
101ms Script
application/javascript 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/plugins/honeypot/includes/js/wpa.js?ver=2.1.11
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bcc93830226acd12135ee7ffb991c03ac3a5ad509477453438e2c049c30ff03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3776
etag: W/"6581f161-f35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jekzCfRLnBTU7spQr10b7AZb6Q%2FBt5zwy7KardKtztTQanxrCYeSC57r45DgOwyS1Y75FEFhHxvWnPXXHx1aSPzQtVZcP%2F3yF8Qi3hTbjbA14Hgg7%2BymbIvF%2BeiFJ2%2FxWRv5Yi1wbZy9DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=17828
cf-ray: 83fe3fa0caea6fcf-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
H2 200 lazysizes.min.js Show response
rpupdate.cc/wp-content/plugins/lazy-loading-responsive-images/js/ 8 KB
4 KB 99ms
99ms Script
application/javascript 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js?ver=1680877120
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12491
etag: W/"64302640-1ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdVPxJGts%2FA3e4%2Bm%2FRZKW%2Be6RfcZxRsQARz3FJ1wuSalPLOqNKn9axou61KZS9fFb%2Fd0mo4ABndIvtkDd6jHGfnSi%2F0s0boK6vvyTnyN9mFj1d%2B%2BwnYvay047TlyeB1rEwgi%2Fa2J8lImMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=70992
cf-ray: 83fe3fa0caeb6fcf-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
H2 200 snippet.min.js Show response
rpupdate.cc/wp-content/plugins/statify/js/ 409 B
535 B 100ms
100ms Script
application/javascript 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/plugins/statify/js/snippet.min.js?ver=1.8.4
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e6969c6e81ff9b0cd06a440cdadb2b946cb51ace18e40c94b843290080fe2d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27587
etag: W/"63d3143b-199"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Bp7l1%2FrDVdVRLXVKrgEMHuKV%2Fy%2BYp02msC3uwFW78HLdvP9DI9d6%2BLRlQZxxNpG4LnX6oMqHvi17pDCoNo9fVJ%2FNGHF40nTIjIw94noWH2ECDthv3PV5PYqDPOSN%2BYW5i69sxAokRZZKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=64629
cf-ray: 83fe3fa0caee6fcf-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
BLOB 200
OK b34a4f76-1397-410f-b701-7138779ac7ca
https://rpupdate.cc/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rpupdate.cc/b34a4f76-1397-410f-b701-7138779ac7ca
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 Inter-VariableFont_slnt,wght.woff2
rpupdate.cc/wp-content/themes/twentytwentyfour/assets/fonts/inter/ 319 KB
320 KB 96ms
96ms Font
font/woff2 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e931823ffd0b6cfd1624e3a7c1c49861ed3420297862e727f07e04c8be1cc89b

Request headers

Referer: https://rpupdate.cc/
Origin: https://rpupdate.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 01:19:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4fbe4-60999e2bdcdc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dRWsJwNgTeOZFx3J%2FPfAtSTr5UBWuSV1zjoxbIerLb03hErsCh5J3WL8gOlm04D%2Bfi3iPlPFJcFuPfYVdFh6HtKv73tjSOaIzK1j2Q1qExFSe95WHWXSXFZsPHIk71eW2O%2FsFTA55SRyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 83fe3fa1cf3e03a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 326628
x-served-by: rpupdate.cc

GET
H3 200 cardo_normal_400.woff2
rpupdate.cc/wp-content/themes/twentytwentyfour/assets/fonts/cardo/ 143 KB
143 KB 250ms
250ms Font
font/woff2 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18

Request headers

Referer: https://rpupdate.cc/
Origin: https://rpupdate.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 01:19:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "23a8c-60999e2bdcdc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyiSW3H%2FPBcsIip%2FJQSySiWOiwNA2GpAphiT3WFOlZKeqv3Rw5F5HlQmkipOQHITgnuoyFeCvCnOLhTChcpA%2F7eeeR2S537uxdzyPK3ujY%2F6vTfB58HttvVCnLfbaUwhkfgzBYyzaPniDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 83fe3fa1cf4003a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 146060
x-served-by: rpupdate.cc

GET
H3 200 cardo_italic_400.woff2
rpupdate.cc/wp-content/themes/twentytwentyfour/assets/fonts/cardo/ 103 KB
103 KB 65ms
65ms Font
font/woff2 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b2ff62e3ac4219811de0c709bd0d81d962a88dc87a598ac19b20f58f960136

Request headers

Referer: https://rpupdate.cc/
Origin: https://rpupdate.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 01:19:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19ae0-60999e2bdcdc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1r1Y9u1kFENsxFMbXD6dhtP2Kke%2Bgy3eWSOBOlYGN1G8gICHZeI80D9OKYn3%2FXXQlKKHozCFsCqgtzaSf4Ukm9zheF9w4k%2FAPxspsaRDe1wgcgzZ8w%2B4l0GbDA1RJ6k6bZ0Q8oAlwgpQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 83fe3fa1cf4203a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 105184
x-served-by: rpupdate.cc

POST
H3 204 admin-ajax.php Show response
rpupdate.cc/wp-admin/ 0
554 B 262ms
261ms XHR
text/plain 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rpupdate.cc/wp-admin/admin-ajax.php

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/wp-content/plugins/statify/js/snippet.min.js?ver=1.8.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://rpupdate.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: rpupdate.cc
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7Nb4%2FsgJbwwk8qLiNHURbQRSbCPr68nllFGUSn7hmE6Tme6GCMQYRbSOuh0O2tvgGOCdrP%2Fi%2B%2Br3lPe7fDmVzxjPeBqU3JEPz5YVE9VCFdDq5WKoLbAtRHzU4p5v8yZDbxr53KyZFavqA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://rpupdate.cc
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 83fe3fa1df4d03a6-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
rpupdate.cc/wp-includes/js/ 18 KB
5 KB 49ms
49ms Script
application/javascript 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: rpupdate.cc
date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26023
etag: W/"64252b43-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l5oMeUU%2FIfNJdLxz947hQnaGAJ4%2BzN3FeLF0tt%2FEX%2BzgCmI0TozE7l5kzjbp2CAxYl%2FXNusO2Xgs0DpW%2B6J3mxuRwUjsCAomczaNqaZUHk%2ByEu42ULmma3tMMkEdvUfDh%2BFvIbuY7TIeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=21160
cf-ray: 83fe3fa1df5103a6-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 00:30:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 156ms
147ms XHR
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/wp-content/cache/wpfc-minified/2f1d8hcc/dkcz3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c36684d4ffebc180de028625b128dc2ffdceecfab9df8d3b7833b5050005fa2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51395
x-xss-protection: 0
server: cafe
etag: 16778039715828904728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 223ms
214ms XHR
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bff24c91302fceb4e81a67cd364f1de74c5c886c3332072b8406e05e9cce7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51400
x-xss-protection: 0
server: cafe
etag: 3964477994585243672
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 194ms
109ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79374f97857ee9d2c7dc90fa2bae83372a84bbd9e3182ec947a4d6faf56040a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51395
x-xss-protection: 0
server: cafe
etag: 10647105949455227325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:56 GMT

GET
H3

200

main.js Show response
rpupdate.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 1FBA
Redirect Chain

https://rpupdate.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rpupdate.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

205ms
205ms

Script
application/javascript

2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rpupdate.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Server

2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a19fac09b6add1cc7e0a40fd7bfe50756970b64f1b3087d8ce1b68f9ba0403c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeSVvtBF6%2BjCZFhDosf6mMPztAjhWS5gpl%2Fjh2QhnU%2FwAEzXgN%2F8Coj%2F3Y8u28drenMVb%2B2twG%2BzMVWGYCKdnUZJG7wd6k4dI5iLwSbXN1wViUfKYsjxPjt%2BGWqjRSWgNAQfu4KNgGBuaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83fe3fa23f9d03a6-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 03 Jan 2024 21:13:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hB%2BSwFXKbxxdr1iSilnQY8o2x6PBgPOe6w5vr3emTmgrkBAnZY8ugbazVUIotImjOVrlGIoRweWmqmD0enrhMQYNcN1v1iaZSpCcg04F8tE7TnHBPmkU0jO4T4roETqP3oif8OewUe4eHg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 83fe3fa1ef5d03a6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7569422957845047&plah=rpupdate.cc&bust=31080182

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7569422957845047&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf0bb8c7a115cb08c03d6f181e3ec42e3e069ce0108d9bbee28eaa3b6d35f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139426
x-xss-protection: 0
server: cafe
etag: 16099304009240961580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:56 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/ Frame 742B 9 KB
4 KB 126ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7569422957845047&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpupdate.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:59:35 GMT
etag: 9219409622527106327
expires: Tue, 16 Jan 2024 21:59:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BW8ZJ1JFT4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192687059-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c00a0da80802d0f7032e984c14dcf127cd55002e53da7228bbfe60ef601140d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79522
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 21:13:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192687059-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 19:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5140
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 03 Jan 2024 21:48:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-K5LQQL7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192687059-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

451516d1fddc619e29d63c9a4a907819ccb442605c18f8e776d794234532bbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 21:13:56 GMT

POST
H3 200 83fe3fa039d96fcf Show response
rpupdate.cc/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1FBA 0
553 B 60ms
58ms XHR
text/plain 2606:4700:3030::6815:317a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpupdate.cc/cdn-cgi/challenge-platform/h/g/jsd/r/83fe3fa039d96fcf
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:317a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 21:13:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2yqyOwVHpEmqi1FjA6%2FKSst%2FTPcZjKl%2BQrx5HEpo5B06qb2bOmIfg6E1ikQo%2FA2dvQqL1M5W0gifELffBmXp8AAzLJUoVRz4xpcIIHe5J8mfhqbHbZ01ssIDHRs3ysUT95cDUZA0kbtCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83fe3fa3e91a03a6-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 131ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WB7960YZ5V&gtm=45Pe3bt0v9105218839&_p=1704316436699&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1203746567.1704316437&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704316437&sct=1&seg=0&dl=https%3A%2F%2Frpupdate.cc%2F&dt=RPupdate%20%E2%80%93%20nerfnet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=866
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-K5LQQL7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rpupdate.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1451310748&t=pageview&_s=1&dl=https%3A%2F%2Frpupdate.cc%2F&ul=en-us&de=UTF-8&dt=RPupdate%20%E2%80%93%20nerfnet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1877382347&gjid=820236563&cid=1203746567.1704316437&tid=UA-192687059-2&_gid=1372300400.1704316437&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1432723924

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rpupdate.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rpupdate.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 114ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BW8ZJ1JFT4&gtm=45je3bt0v9109361567&_p=1704316436699&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1203746567.1704316437&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704316437&sct=1&seg=0&dl=https%3A%2F%2Frpupdate.cc%2F&dt=RPupdate%20%E2%80%93%20nerfnet&en=page_view&_fv=1&_ss=1&tfd=884
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BW8ZJ1JFT4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rpupdate.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A1E8 426 KB
95 KB 512ms
511ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7569422957845047&output=html&adk=1812271804&adf=3025194257&lmt=1704306220&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Frpupdate.cc%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704316436928&bpp=1&bdt=375&idt=211&shv=r20240102&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5780752940309&frm=20&pv=2&ga_vid=1203746567.1704316437&ga_sid=1704316437&ga_hid=1451310748&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080114%2C31080182%2C21065725&oid=2&pvsid=3859611039195281&tmod=977469520&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7569422957845047&plah=rpupdate.cc&bust=31080182

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc6f124bfdaa313607748c55227ceb37c647bf423f7054bedbd4026bc51b4cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpupdate.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 96737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:13:57 GMT
expires: Wed, 03 Jan 2024 21:13:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 104ms
104ms XHR
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a4d5127e6b087d4886654fa590708c9e3f298d83beee9999ac2193d48786575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51395
x-xss-protection: 0
server: cafe
etag: 7274417042343079085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:57 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c37233e9757833e713c88f0fde2e8aee2ff6135599aa3a0fc596a0bf382b3cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51395
x-xss-protection: 0
server: cafe
etag: 1178113978538717046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 161 KB
55 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js?bust=31080182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16c706837d869938031a0e1cdaa62ebcc8960711a0cfee09994276d63305e4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56259
x-xss-protection: 0
server: cafe
etag: 6096563600700588534
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:57 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame D6A7 9 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpupdate.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 23:00:01 GMT
etag: 9219409622527106327
expires: Tue, 16 Jan 2024 23:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 8FB6 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpupdate.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 23:00:01 GMT
etag: 9219409622527106327
expires: Tue, 16 Jan 2024 23:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 3EF8 9 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpupdate.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 23:00:01 GMT
etag: 9219409622527106327
expires: Tue, 16 Jan 2024 23:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame D6A7 4 KB
1 KB 138ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:26:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D6A7 205 B
294 B 141ms
51ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:28:54 GMT
x-content-type-options: nosniff
age: 6304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Jan 2025 19:28:54 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D6A7 604 B
918 B 140ms
50ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 20:01:00 GMT
x-content-type-options: nosniff
age: 4378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Jan 2025 20:01:00 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D6A7 16 KB
7 KB 179ms
91ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:54:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D6A7 22 KB
9 KB 172ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 10:17:44 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 8FB6 9 KB
4 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 02:12:26 GMT

GET
H2 200 d500f8b303efba9f5ab695bab8da4c89.js Show response
www.gstatic.com/mysidia/ Frame 8FB6 20 KB
8 KB 123ms
41ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 08:54:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FB6 2 KB
639 B 130ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:10:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8FB6 2 KB
875 B 160ms
79ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:54:19 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 8FB6 6 KB
2 KB 128ms
47ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 23:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 23:43:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8FB6 23 KB
9 KB 132ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8FB6 3 KB
1 KB 162ms
83ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 15:43:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8FB6 20 KB
8 KB 123ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FB6 203 KB
64 KB 234ms
122ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8FB6 37 KB
15 KB 133ms
52ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8877 624 B
246 B 80ms
79ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUH9ibM9wtuIHIuIZhSjmpDEuTxg6sILaGzfoNcTv5orYmVneYjwGQT1nFelwNoEBOqU1y0JLTFqXkmX_BLT7BE6j0Fo0N_GSPLiLwlS91pxATY8nxf0tWRaGTXmkfvn8QhxLbdSXj8Ue3bKOrYI4lx3uqND8X55oK-hs1CGV4YNMg1-W8

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:13:58 GMT
expires: Wed, 03 Jan 2024 21:13:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 076A 89 KB
31 KB 175ms
174ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 076A 3 KB
1 KB 155ms
82ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 15:43:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 076A 20 KB
9 KB 113ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 076A 203 KB
65 KB 157ms
52ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 076A 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwDWvub0oDMLxq0xMHLf850BTBaMbLKtBzdHz8Z3nDkOJXfkaA_CQ86RJicemVtV6f34pOe8zkLTUVhT9VlCpJ8AJPAZesrAGTJh6DATlQ5ZOH9Kc

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8877
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1

43 B
338 B

62ms
61ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUH9ibM9wtuIHIuIZhSjmpDEuTxg6sILaGzfoNcTv5orYmVneYjwGQT1nFelwNoEBOqU1y0JLTFqXkmX_BLT7BE6j0Fo0N_GSPLiLwlS91pxATY8nxf0tWRaGTXmkfvn8QhxLbdSXj8Ue3bKOrYI4lx3uqND8X55oK-hs1CGV4YNMg1-W8
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St6qIPVRCZ6AnYfSsm%2BdznwqLmN1gkOqcGiuraZOtL6YPOjn%2FuFNBZA4HghhPWOJt3jX7JaBobRt%2Bs5NQXgMa29BOT5DHnovRp8q3A4irzJdY7ilJAGGBVXKxg0JtwBxVL7BZV3iGW9LYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fe3faaecdc452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8877
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZXOFnJga1hu3IWHHsD6pAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1

43 B
771 B

61ms
60ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUH9ibM9wtuIHIuIZhSjmpDEuTxg6sILaGzfoNcTv5orYmVneYjwGQT1nFelwNoEBOqU1y0JLTFqXkmX_BLT7BE6j0Fo0N_GSPLiLwlS91pxATY8nxf0tWRaGTXmkfvn8QhxLbdSXj8Ue3bKOrYI4lx3uqND8X55oK-hs1CGV4YNMg1-W8
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3E3atQWWjhLGeARZrbLsyLsE4wIhsUgy%2FT%2BqrMnoUQ0BJpdbgfSAG20QKSDT2iKA6rspHCdLQIbuEewbUHFk77LzW%2BCTzmuumdwf2ihqGHTryWAaDxNI5jCI3dp8DmefyqekURRf%2FZInA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fe3fabd8366a78-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOySV6PE-PEsoi9LSjtOOTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8877
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJs3QBET2PYtPKHBEOjSF7Q&google_cver=1

43 B
841 B

54ms
54ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJs3QBET2PYtPKHBEOjSF7Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUH9ibM9wtuIHIuIZhSjmpDEuTxg6sILaGzfoNcTv5orYmVneYjwGQT1nFelwNoEBOqU1y0JLTFqXkmX_BLT7BE6j0Fo0N_GSPLiLwlS91pxATY8nxf0tWRaGTXmkfvn8QhxLbdSXj8Ue3bKOrYI4lx3uqND8X55oK-hs1CGV4YNMg1-W8

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
an-x-request-uuid: cae2bbbc-d636-4a22-8120-6461f3334eb9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJs3QBET2PYtPKHBEOjSF7Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8877
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMTU3MjkwOTk0NTUzMTIxNg%3D%3D

170 B
243 B

49ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMTU3MjkwOTk0NTUzMTIxNg%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
an-x-request-uuid: 9b4138fd-8a1a-43fe-9e26-4e8c32c4fe4e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMTU3MjkwOTk0NTUzMTIxNg%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 94F4 9 KB
4 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 02:12:26 GMT

GET
H2 200 d500f8b303efba9f5ab695bab8da4c89.js Show response
www.gstatic.com/mysidia/ Frame 94F4 20 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 08:54:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 94F4 14 KB
1 KB 49ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:26:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 94F4 2 KB
856 B 46ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:54:19 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 94F4 6 KB
2 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 23:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 23:43:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 94F4 23 KB
9 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 94F4 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 15:43:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 94F4 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94F4 203 KB
64 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 94F4 37 KB
15 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 076A 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9492719474208&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 076A 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9492719474208&version=m202309260101&ct=77&x=1&cor=2988268059331807000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 076A 20 KB
13 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaCL9dn93hnanFwfV2nw6eBpspIWbhMbru5lRCLb6FmgdNrA4oJMyqaAITCWu2C-WR69_h3G_D0C9xUdPNBM7mZJKlEnkOe1PE_rolVIH8HXQ28cXkhkYPQw6qlHqd9nCK_deFgMNAy2lsBMSjAFX2XKIMyu4O1N8qWLfnRm46RerYSQ0&cry=1&dbm_d=AKAmf-DiiXuHZrj2Xkj8Be0OvSVRxn9NHGu-M---X9MvHSOtQvXMyrWlhI1D2NkUf2OfhPGO81HKuRyzdP_ft7QNkehzHnUhJlnK69blkNGf3GDVRyxn9BnDsvmMDX5SJGUuRZ2FfD50yVVbS6DKxXxdWUznSwK6FjDaq2cJCc74SSF4JaCaQ5l-wPpJelbVQuEP64oi6w7efNg0RO8YcWiknF7mUMmVhPVfSisWUUI8HTQ-_tPMBFc65p6mGdt9akWu0u-3pdTva7OZ7680F8hM4_Tfh6S_VifwFPDV5pK5WQLVfQXF-vxi7zPz_5rQWd2BIg0dEMNxx_puXnVnBO0dB8y-9SttBTm5clmJxP1YITfYxvMiPPuszlZ5I6yN7w75X2JMvkUL81fHRJl2e8sNj8LNVLOyB0-ITZjE_5SZgw0RUq-sMhQbM36E7gEfUO2cXCeSe3N_fnXaBgMr15KZdtFDf6NJXNfgEzXk1yu8iIEXUGcsizdIBWbb_c9qBzhQ9fiTNrlz7TT656qPUerX8T_FAUNzOrAHc6kDj3r2Q5E7xD1cb00qIMy9e2I_sa09yLIU85Oez3vmlSIXzb2wawVBlSonrR_pFmIOe1N8Wc91XWbremk0VrHJbsLxrRpDvPVL1TNN1CJHTF5sbFHb6yvhRnF-BksIqGQAhq-dHzHxPwe9SYX9FN-cL8AeF9CqDowNV6a_N4DE1-sA9c_N_ACJ1Xw33erktl7hHqRTCQyis3Ip7lfBTwChOG6v6n4l96VP5m8QZa9hABuBWrRMRMbaOCFgLVUIqVQB5911je6a0DbKj7x9tPiXUDsm6tH2PrVFtRSkb3e9e-Ho84DMiCPWmTIobUPBo6wwCZdkrxiRuD8iNp20MTrMwO-ofwxkr8-HskpwhdU6pSwgBK9hbJhZhSrCvaGv-N3HkFVmI37lYlNICO7Iaa4gCK9pjyAetdlKB0WqPeCrRoWZ8H3lbVLGvpMqDiUHcJ0Q3dvk-ky7iXG5gFXJlpw_dR6_ZzvQrpn9l1wFXvXMPl-TefrGq87QlVUI2Bsc0LEmLzYd6TyBEml7nAmVTPk0IZMMhK6KiiiV-2wrinE-iBhAfnIqQ5-B_g0WMc7JHBNun6wSAbxuurq9qQqG4mMr6xxfpICX5CM787bEsWWOyzrv6J5fXkerIHlDG9StoFqyy9rCzZRrGyCQ8kV7-mV11P7tzCr9fQ2Sescw5Be9H1QYJnI0pV9OxrQCTlbX8pZzlIeQOjDQK4jvIWOL1qu5j9Ot74zci2afOTMCQwqFLeUx5FwtdLj2a59PEvSfkD7q6C-MwnWuuT6X78RW3eqPTnqK7zMdfEvnbywLobdrzYPjBGADy22wCwV-xdUL6LlpYVmCB85ANIzwfzdeYl0v5M1PEGmRu4VQV_Ffc0382bsAJiCHpvQCrnIvIHJoGxMpz-tzibLwlDNEq8mkxLol1eO9uWPtAEZw2TlriR_gEZocexWAxqLVrOk61xHUqhcFAjZ7US-qcKn2poUw39DjgxWVEJeFoNhv6d3do_Prq8Yb5cgmQ585nr6eH61md-HY4-TJJBLnEFLgioxD1ONzh8MpPwIBhTkYNHHVwre5Qp3YgIs54M1ggdfVrLEBRJWaJOVeFVcUsHGOamYNi8HvZ-hFdtvxG4nDjheF7X3HegA4K0WcKbqL2-MR1SfqEIgDwWI7MRdBMn3fuabuP1YUMhocRqilJeYIkJvoCSPqBOnbq0KAW_PgJYU-bvntidw4k_4KHsJuWJRCbTCDd8TJCSQzc-NqkTDAigEgZfZD3jCPea0IXCdesZWf4q2bVcb7TTPuHQ0qqkypkYikOFHlGaKjn2tE7bOfrrPh05YtUpYkYTCTuGGTc6avSS5yUPLHJxdkpsbTugJjdASTNKs443Bx71FyBvfl4HTWDPDg1ZF31ZTiO8hjXFtVsV_CXPr-uhHUXBJ9UAfvDuldoZVAN9-2josd79R_wkdWrnJm62_lwV2rv6vq1e99RLZACRa9SOZiqwFug41-jSw4XDQbkWvQXNUs3MeoD6aqi3PXsDrJiOfXT9mNxptZ2w3EUx8KXlBRl06778G1cvHBAhDizRxZWp6Ue5zTx4QoUbmp5w9_2IHfeJEHozg3Y4L2VkrOKQ7VpNUB-axKSmo5-LaymFJGSuJiq_peIf7KiOg5bKCDKcCyhF4ouyj3ZJ-oUW3D_3a2B7KYPa0i7JOPkVg40Numj3eCJgpX1VmT-RI_yrngpm0TnkXAzTLaKo12DUVhoHVub5Dwx8ZopHEaCgs2Sday356Ucy5j1WhqmyX5lT23mBWzRGlYfT5FSTrxMsrcyBuEcmx0ZTwHriTsDZrGoc2M6htwTrwSWNOxcFVSd-_Db990WiLVirkKp0tznty78Ku5S6Hybq91xgsIrF9VIzj6DhtyZVhWgs8yC3JsoUOsJIVzwYpM7KNlcd0yYb7BNI_3XywGXXoXCPtOXn0QFQnWR870RaOACmq6os77ZZXUn0mGmuWu4re7TeQqqWwpMcXHmPwnYFYfANeSua0kpWz7pK5n77ox7rRoEtTDYz7KktXQ6izgGdLQvp2dlmkjxWrB5TfqXmk7oLx5LxkCkz9lON5vEUjm9PwY-zF-lpQBGdxLV1nQfH-W0gT7br5vO3knhQMWlOXXYkaBxXUXGTAtkBMSqP2hGnuzsNU2Ei_q7vmXfQKyqU8LM531j5VOP3ZvLUUA6XIs1lsaHQKeKMIGyEeIMsyPl5GWZ2q22AHDIcrJeg15-tvizCeES8WZHUaDoJ1AWfSlcQkDXI-CP5t1IZyUywK55PNZ_q5xdpwxdKRKVBiyGnY-Jo4afWbxRdpnKtpFoB7NStsNsEvh-lb2Dnv5usDILexu5-puEOFO3pqS3wjMiMSL8q9_-Zj8HSWnnHza4kcKP4WFxa6U2x_EWFxuQvpLkQ8dFKb7UefxRoSF9jfjFMuIxVilCEXCs887ekkwrQY4uO3fANfgQVApzw-ynwzTEel0RO-WyjPfM8ArFrzNTLJNHqtY3eO9l3zarXyr6TtT-YRyRmZX0E1BoR_m3fbaA3geYca4vYhaFaMOtPG-u_hoEKw0gxb_nIijU0mVkhdkHEp1fCmKkarbIfDWa9BT2QD65flk8_K0uzrh_RTgbYHgn3ofPLTkodF4JTGNgyskrJ3OZocYmvxhQu9xxQ3oHkKywZAKgsCNLG80QTv6A6GB309AczikukmhQ0JrFVae8ozXhluqO1y4DELes7Uyjb5wDARj8QyjHo6Dir5qwV-t2VjKGGaknKqBZW93ZDWbgQDNaGVVHbAtNGKQRA6mxIy4n3n2YRZj-CbEDlfjBfVo6RrJh2A2rA8396qcdy3W-NqbFvf1VRtSIfnDzMzQ9beiIirvBA-AON_hHgRw5OZ42VFs1lGpPv44YeKagkpxSIPldoBjYUjrtC8Symvl_apGEyb5z_gKXCc6qRlTqaL2su9UlJtG4gB0xxjGsiP26V35nikleHRWH_Npav2p1Yvpq6d2RMZu_kldYqKoywQAD_B8A23NUgU0JmOXR3xckXR9ptkBOObKDEV2d0TX1yXdtpeXM-0Al4-OK_0RtXEOcwDNc_xJsLZfB6py-H_3qCf7MOB4HQLy_r6SxL1MY-o7tk5Io8xWc4BIW7ASW1cELlmgbWxc6lTpR6-HcfRL_DX6Kkn0-dM6pYaCgcUY6iTaWnsKY3j2kj9SYJlvYTA0EvVrsfvwoL5LNm4i2Rm1qYcryJr2hC-ljr4SkVhJvEmeL8uzEDm_tBLFuViuZyZs33JNkXEEnXkCcW-ILPRIODVtKFpaF5-GbFnDJ7vxb0hP5tRPaVsB0FireWHp2A2cnQQDpFeTGyn_vuw3YaKm2vOfV1isitke2Di3SPwd5EOiM8UIYT8zAawwf8d90bNs-_bVCLItDpqwtxZpPuZ07aV9Z5EfTZGc2CmQH57APMKbbsa6lFKKBSJAI8rtHHVpGzxbjst9sU13SIsX5zNdq6HBz-7LiZzSHcLj8mJUlD2R&cid=CAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Frpupdate.cc%2F&ds=l&xdt=1&iif=1&cor=2988268059331807000&adk=1726166463&idt=182&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b386071285ed7e7a24ba13989f5813b78689112ab8cfe6f5b2932d7dd80081f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FB6 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBnRvd2VyMQoKCAIqBnNlcnZlcgoNECshAAAAAAAAJEAwBAoNEAMhAAAAzcxcaUAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAADlAMAQSGkNKX0t5NzZSd29NREZUbGxGUWdkS000S0VBIhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 120E 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 20:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 076A 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaCL9dn93hnanFwfV2nw6eBpspIWbhMbru5lRCLb6FmgdNrA4oJMyqaAITCWu2C-WR69_h3G_D0C9xUdPNBM7mZJKlEnkOe1PE_rolVIH8HXQ28cXkhkYPQw6qlHqd9nCK_deFgMNAy2lsBMSjAFX2XKIMyu4O1N8qWLfnRm46RerYSQ0&cry=1&dbm_d=AKAmf-DiiXuHZrj2Xkj8Be0OvSVRxn9NHGu-M---X9MvHSOtQvXMyrWlhI1D2NkUf2OfhPGO81HKuRyzdP_ft7QNkehzHnUhJlnK69blkNGf3GDVRyxn9BnDsvmMDX5SJGUuRZ2FfD50yVVbS6DKxXxdWUznSwK6FjDaq2cJCc74SSF4JaCaQ5l-wPpJelbVQuEP64oi6w7efNg0RO8YcWiknF7mUMmVhPVfSisWUUI8HTQ-_tPMBFc65p6mGdt9akWu0u-3pdTva7OZ7680F8hM4_Tfh6S_VifwFPDV5pK5WQLVfQXF-vxi7zPz_5rQWd2BIg0dEMNxx_puXnVnBO0dB8y-9SttBTm5clmJxP1YITfYxvMiPPuszlZ5I6yN7w75X2JMvkUL81fHRJl2e8sNj8LNVLOyB0-ITZjE_5SZgw0RUq-sMhQbM36E7gEfUO2cXCeSe3N_fnXaBgMr15KZdtFDf6NJXNfgEzXk1yu8iIEXUGcsizdIBWbb_c9qBzhQ9fiTNrlz7TT656qPUerX8T_FAUNzOrAHc6kDj3r2Q5E7xD1cb00qIMy9e2I_sa09yLIU85Oez3vmlSIXzb2wawVBlSonrR_pFmIOe1N8Wc91XWbremk0VrHJbsLxrRpDvPVL1TNN1CJHTF5sbFHb6yvhRnF-BksIqGQAhq-dHzHxPwe9SYX9FN-cL8AeF9CqDowNV6a_N4DE1-sA9c_N_ACJ1Xw33erktl7hHqRTCQyis3Ip7lfBTwChOG6v6n4l96VP5m8QZa9hABuBWrRMRMbaOCFgLVUIqVQB5911je6a0DbKj7x9tPiXUDsm6tH2PrVFtRSkb3e9e-Ho84DMiCPWmTIobUPBo6wwCZdkrxiRuD8iNp20MTrMwO-ofwxkr8-HskpwhdU6pSwgBK9hbJhZhSrCvaGv-N3HkFVmI37lYlNICO7Iaa4gCK9pjyAetdlKB0WqPeCrRoWZ8H3lbVLGvpMqDiUHcJ0Q3dvk-ky7iXG5gFXJlpw_dR6_ZzvQrpn9l1wFXvXMPl-TefrGq87QlVUI2Bsc0LEmLzYd6TyBEml7nAmVTPk0IZMMhK6KiiiV-2wrinE-iBhAfnIqQ5-B_g0WMc7JHBNun6wSAbxuurq9qQqG4mMr6xxfpICX5CM787bEsWWOyzrv6J5fXkerIHlDG9StoFqyy9rCzZRrGyCQ8kV7-mV11P7tzCr9fQ2Sescw5Be9H1QYJnI0pV9OxrQCTlbX8pZzlIeQOjDQK4jvIWOL1qu5j9Ot74zci2afOTMCQwqFLeUx5FwtdLj2a59PEvSfkD7q6C-MwnWuuT6X78RW3eqPTnqK7zMdfEvnbywLobdrzYPjBGADy22wCwV-xdUL6LlpYVmCB85ANIzwfzdeYl0v5M1PEGmRu4VQV_Ffc0382bsAJiCHpvQCrnIvIHJoGxMpz-tzibLwlDNEq8mkxLol1eO9uWPtAEZw2TlriR_gEZocexWAxqLVrOk61xHUqhcFAjZ7US-qcKn2poUw39DjgxWVEJeFoNhv6d3do_Prq8Yb5cgmQ585nr6eH61md-HY4-TJJBLnEFLgioxD1ONzh8MpPwIBhTkYNHHVwre5Qp3YgIs54M1ggdfVrLEBRJWaJOVeFVcUsHGOamYNi8HvZ-hFdtvxG4nDjheF7X3HegA4K0WcKbqL2-MR1SfqEIgDwWI7MRdBMn3fuabuP1YUMhocRqilJeYIkJvoCSPqBOnbq0KAW_PgJYU-bvntidw4k_4KHsJuWJRCbTCDd8TJCSQzc-NqkTDAigEgZfZD3jCPea0IXCdesZWf4q2bVcb7TTPuHQ0qqkypkYikOFHlGaKjn2tE7bOfrrPh05YtUpYkYTCTuGGTc6avSS5yUPLHJxdkpsbTugJjdASTNKs443Bx71FyBvfl4HTWDPDg1ZF31ZTiO8hjXFtVsV_CXPr-uhHUXBJ9UAfvDuldoZVAN9-2josd79R_wkdWrnJm62_lwV2rv6vq1e99RLZACRa9SOZiqwFug41-jSw4XDQbkWvQXNUs3MeoD6aqi3PXsDrJiOfXT9mNxptZ2w3EUx8KXlBRl06778G1cvHBAhDizRxZWp6Ue5zTx4QoUbmp5w9_2IHfeJEHozg3Y4L2VkrOKQ7VpNUB-axKSmo5-LaymFJGSuJiq_peIf7KiOg5bKCDKcCyhF4ouyj3ZJ-oUW3D_3a2B7KYPa0i7JOPkVg40Numj3eCJgpX1VmT-RI_yrngpm0TnkXAzTLaKo12DUVhoHVub5Dwx8ZopHEaCgs2Sday356Ucy5j1WhqmyX5lT23mBWzRGlYfT5FSTrxMsrcyBuEcmx0ZTwHriTsDZrGoc2M6htwTrwSWNOxcFVSd-_Db990WiLVirkKp0tznty78Ku5S6Hybq91xgsIrF9VIzj6DhtyZVhWgs8yC3JsoUOsJIVzwYpM7KNlcd0yYb7BNI_3XywGXXoXCPtOXn0QFQnWR870RaOACmq6os77ZZXUn0mGmuWu4re7TeQqqWwpMcXHmPwnYFYfANeSua0kpWz7pK5n77ox7rRoEtTDYz7KktXQ6izgGdLQvp2dlmkjxWrB5TfqXmk7oLx5LxkCkz9lON5vEUjm9PwY-zF-lpQBGdxLV1nQfH-W0gT7br5vO3knhQMWlOXXYkaBxXUXGTAtkBMSqP2hGnuzsNU2Ei_q7vmXfQKyqU8LM531j5VOP3ZvLUUA6XIs1lsaHQKeKMIGyEeIMsyPl5GWZ2q22AHDIcrJeg15-tvizCeES8WZHUaDoJ1AWfSlcQkDXI-CP5t1IZyUywK55PNZ_q5xdpwxdKRKVBiyGnY-Jo4afWbxRdpnKtpFoB7NStsNsEvh-lb2Dnv5usDILexu5-puEOFO3pqS3wjMiMSL8q9_-Zj8HSWnnHza4kcKP4WFxa6U2x_EWFxuQvpLkQ8dFKb7UefxRoSF9jfjFMuIxVilCEXCs887ekkwrQY4uO3fANfgQVApzw-ynwzTEel0RO-WyjPfM8ArFrzNTLJNHqtY3eO9l3zarXyr6TtT-YRyRmZX0E1BoR_m3fbaA3geYca4vYhaFaMOtPG-u_hoEKw0gxb_nIijU0mVkhdkHEp1fCmKkarbIfDWa9BT2QD65flk8_K0uzrh_RTgbYHgn3ofPLTkodF4JTGNgyskrJ3OZocYmvxhQu9xxQ3oHkKywZAKgsCNLG80QTv6A6GB309AczikukmhQ0JrFVae8ozXhluqO1y4DELes7Uyjb5wDARj8QyjHo6Dir5qwV-t2VjKGGaknKqBZW93ZDWbgQDNaGVVHbAtNGKQRA6mxIy4n3n2YRZj-CbEDlfjBfVo6RrJh2A2rA8396qcdy3W-NqbFvf1VRtSIfnDzMzQ9beiIirvBA-AON_hHgRw5OZ42VFs1lGpPv44YeKagkpxSIPldoBjYUjrtC8Symvl_apGEyb5z_gKXCc6qRlTqaL2su9UlJtG4gB0xxjGsiP26V35nikleHRWH_Npav2p1Yvpq6d2RMZu_kldYqKoywQAD_B8A23NUgU0JmOXR3xckXR9ptkBOObKDEV2d0TX1yXdtpeXM-0Al4-OK_0RtXEOcwDNc_xJsLZfB6py-H_3qCf7MOB4HQLy_r6SxL1MY-o7tk5Io8xWc4BIW7ASW1cELlmgbWxc6lTpR6-HcfRL_DX6Kkn0-dM6pYaCgcUY6iTaWnsKY3j2kj9SYJlvYTA0EvVrsfvwoL5LNm4i2Rm1qYcryJr2hC-ljr4SkVhJvEmeL8uzEDm_tBLFuViuZyZs33JNkXEEnXkCcW-ILPRIODVtKFpaF5-GbFnDJ7vxb0hP5tRPaVsB0FireWHp2A2cnQQDpFeTGyn_vuw3YaKm2vOfV1isitke2Di3SPwd5EOiM8UIYT8zAawwf8d90bNs-_bVCLItDpqwtxZpPuZ07aV9Z5EfTZGc2CmQH57APMKbbsa6lFKKBSJAI8rtHHVpGzxbjst9sU13SIsX5zNdq6HBz-7LiZzSHcLj8mJUlD2R&cid=CAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Frpupdate.cc%2F&ds=l&xdt=1&iif=1&cor=2988268059331807000&adk=1726166463&idt=182&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 443330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDMxNjQzODE5NDY5MQogIHNlcnZlcl9pcDogMTQ2NTI0NzIzCiAgcHJvY2Vzc19pZDogNDAxMDEyMjMyNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 076A 0
867 B 173ms
75ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDMxNjQzODE5NDY5MQogIHNlcnZlcl9pcDogMTQ2NTI0NzIzCiAgcHJvY2Vzc19pZDogNDAxMDEyMjMyNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyMjk4MDcyODg2ODQ2OTU4MjY4CmRlYnVnX2tleTogMTY4MzAzNzg0ODc0ODk1NDk1NjIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTAzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwODYzOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x8078132f5613fbe30000000000000000","13":"0x382a8ea7b6eced60000000000000000","14":"0x9f324247353ac6e10000000000000000","15":"0xaf3acc23acef5cdb0000000000000000"},"debug_key":"16830378487489549562","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"2298072886846958268"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 076A 11 KB
4 KB 127ms
40ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1704316437194017&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 54f93ce9bc5edf0dcd8a49632cbc5373546a7335b5af7cd5242c9c12758ac25a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 21:13:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4191
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8FB6 15 KB
16 KB 138ms
39ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTLpqCp5nIR_sO8x9oD7rqBk_oCxM3GCr8k9DHWWArLkAlMWaF4Z-u4p0nsGHo&usqp=CAI

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

672412f2d12146fe399ab9c2de8615806e6f02a6b98480c6830c27dea20460f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:03:56 GMT
x-content-type-options: nosniff
age: 130202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15695
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 07:36:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 Jan 2025 09:03:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8FB6 34 KB
35 KB 127ms
39ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSf2r1EBHkIgDzB0dA6acOnFbYqkkXligA3NabsTINeXOFEM1rapaPdKdN_qg&usqp=CAI

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfc83ce5e89003c668a162a8ffb8f369496aeebbaf6bb29e55fefd22ee83f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:16:56 GMT
x-content-type-options: nosniff
age: 205022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34998
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:47:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 31 Dec 2024 12:16:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8FB6 29 KB
30 KB 126ms
39ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRcRzGnXCsQtuT88FY78hB9pP9b5eRcA82i0-Dx3YY7vmpFzpi7g-vsa0JBPA&usqp=CAI

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2beb87b03bf3823fc559f074cc0b379fc0573fcb4a67ad8a87ca335fa010c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:29:45 GMT
x-content-type-options: nosniff
age: 96253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29810
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 06:10:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 Jan 2025 18:29:45 GMT

GET
H3

200

3995853839924061625
tpc.googlesyndication.com/simgad/ Frame 8FB6
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
https://tpc.googlesyndication.com/simgad/3995853839924061625

77 KB
77 KB

51ms
51ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3995853839924061625

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 06:51:35 GMT
date: Tue, 02 Jan 2024 06:51:35 GMT
x-content-type-options: nosniff
age: 138143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 17:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Wed, 03 Jan 2024 16:08:52 GMT
x-content-type-options: nosniff
server: cafe
age: 18306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Feb 2024 16:08:52 GMT

GET
DATA 200
OK truncated
/ Frame 8FB6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad11e739e6bdda1c9145e5388710cecb9732bd62bccd526b93b08f4edea0cee7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8FB6 20 KB
21 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 10:23:28 GMT
x-content-type-options: nosniff
age: 211830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 10:23:28 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame C62E 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 18:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Dec 2024 18:08:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8FB6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckwy5Fc6VZd_rC7nK1fAPqJyrgAHOs56SdaGki9y1Ernu8MiqARABILSo9nxglbr9gZQHoAGhwJjxKMgBCagDAcgDywSqBIMCT9B4vm5x6GfvrtsyEe5LkNCNqoBTabyXKi69vCNcHQVh6Ju...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212239671182106817819%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%222...

0
0

153ms
73ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212239671182106817819%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215259609860774048321%22}&andc=true

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12239671182106817819","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"15259609860774048321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Jan 2024 21:13:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12239671182106817819","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"15259609860774048321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 120E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:13:58 GMT
expires: Wed, 03 Jan 2024 21:13:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:13:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 66F6 51 KB
19 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 18:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Dec 2024 18:08:59 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ABB2 38 KB
13 KB 41ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 127720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94F4 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoNECshAAAAAAAAHEAwBAoNEAMhAAAANDNjYEAwBAoNEA0hAAAAAJiZuT8wBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAACBAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAADgQ_VAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAAAA4GdAMAQKDRAUIQAAAABwvfVAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABBAMAQKDRAYIQAAADQzs2lAMAQKDRAyIQAAAAAAAAAAMAQKDRAzIQAAAAAAAAAAMAQKDRA0IQAAAAAAAAAAMAQKDRA1IQAAAAAAAAAAMAQKDRA2IQAAAAAAAAAAMAQKDRA3IQAAAAAAAAAAMAQKDRA4IQAAAAAAAAAAMAQKDRA5IQAAAAAAAAAAMAQKDRA6IQAAAAA0M9M_MAQKDRA7IQAAAAA0M9M_MAQKDRA8IQAAAAA0M9M_MAQKDRA9IQAAAAA0M9M_MAQKDRA-IQAAAABnZuY_MAQKDRA_IQAAAABnZuY_MAQKDRBAIQAAAABnZuY_MAQSGkNKN0t5NzZSd29NREZUbGxGUWdkS000S0VBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FB6 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBnRvd2VyMQoKCAIqBnNlcnZlcgoNEBAhAAAAAAB5sUAwBAoNEBEhAAAAAOBD9UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAACAZmaGdkAwBAoNEBQhAAAAAEB49UAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAEEAwBAoNEBghAACAZmbOdkAwBAoNEDIhAAAAAKCZuT8wBAoNEDMhAAAAAKCZuT8wBAoNEDQhAAAAAKCZuT8wBAoNEDUhAAAAAKCZuT8wBAoNEDYhAAAAAKCZuT8wBAoNEDchAAAAAKCZuT8wBAoNEDghAAAAAJqZ6T8wBAoNEDkhAAAAAADAQ0AwBAoNEDohAAAAAACARUAwBAoNEDshAACAMzNrdkAwBAoNEDwhAACAMzNrdkAwBAoNED0hAACAZmaGdkAwBAoNED4hAAAAAACYdkAwBAoNED8hAAAAAACYdkAwBAoNEEAhAAAAmpnhdkAwBAoNEAohAAAAZmY2aUAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAmplReUAwBAoNEA8hAAAAAAAAAAAwBAoNEAUhAAAAmplReUAwBBIaQ0pfS3k3NlJ3b01ERlRsbEZRZ2RLTTRLRUEiEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 166ms
74ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 21:13:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame ABB2 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:59:20 GMT

GET
H/1.1

200
OK

request.php Show response
hal900029.redintelligence.net/ Frame 076A
Redirect Chain

https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

180ms
103ms

Script
application/x-javascript

88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7569422957845047%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frpupdate.cc&random=6177523057862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 44a5436792b8db659aab93649f388811a77eb7caf716388151ea68948b1b6c88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 21:13:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 23531100154011804444550012558029
Connection: close
Content-Length: 1329
Expires: Wed, 03 Jan 2024 21:13:58 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 21:13:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7569422957845047%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frpupdate.cc&random=6177523057862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 03 Jan 2024 21:13:58 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABB2 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=By0NJFs6VZYPxC7OU7_UP17iW-A4AAAAAOAHgBAI&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfOJpwoVjbKILZuuyrQxqENmgRT05Zba5DQGlNoSe6u8cr2s9GRG8Q9xxJGOtu6AJDAgAAADJSAAAAAmgBB5kC-l3O-8cjx1aiE8DTw4rVQL4lWnASFT9VeGOAdKLQvLcdGhb6357tKAyJl4qbmlEElIpaWxkuiZZnqWeDWbF7FQjJhJwX8ElHjRdJmBo7JUhe8Tp4Lt7RCLV28-b98iboV1ounV5KkiWZzumwV50Z33b2L69gGVWzjd04CiYsiuZ9_XZlTMkY-KW2Gtz81pUTIIIG_KORIB7t_6p07ZmBthsQAX1_UcGp2n2qM28hpU3ev_Lqx4en1I3PAOkaU7dqbjOoTJgathofBXDThsu2zBiVhJBvRUPlTTc1yij0QRyPvSR4v0wfTZQP9rrXLN4c2eszcq2b6b5-N1OtED54TyTb-M2BoUvnl0lKZ56nDAa0tZHB3FnIVKj813ix8mB6c3gekBh231car0OvKvFWugxCiDU79UbucOjccwFZlugONdOW4JTh5me_54vjn-GCp3NCBVGgkVt8Ieeh-NOM5E6Og19hL5Hx8n8DOCb_eEAcnsO7kxBs7HI9uFMYeoKp-7Dzweyky9M3M57HQEjU0-F_gFZH3LhwDAec2KnZ5WZanJPXkIvMR2jlzCLDFfbNoG04dPqOB9PO5s92URgqonpai64pSyxtVBUZeTUCmhs3ZxU4W3ScnRYrfJuoxDdwoxRmLWkaxgFaaXS76qiz0X4yuqoVyXm4wiX6bsgIctqPUuhWJNZywBkmtemTR2UHbX4Ufuf7NcFRk7aTHHwmItueHaTzf38qX0cAX_mY5oscEka9afJEpZ1gL8fIic5k1pQdDu4oUy4HrrA6Z8ioX_RzG4m_9K-jN0YYWTGIFvsw-8G3TlRms4FqnDNq6VBCwdG46uTdVIR5BzqWYrNGVcVdMZTLKmrZfFPbGvxPT2TPEZQswo6EtDBvoU8D-4FBXL3d70yL4LMeFxDi-jcOBAboILvJZqTBzGvdG1_a8hJrlhGNLvD5CmVg3vh1K5qAoJq1Rcx0O37OqJG_hB7UER9Zjnc26zVY-QLjn-cYZh7uBOZF7y8RT6Z3GA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 0C29 0
327 B 155ms
51ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7569422957845047%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frpupdate.cc&random=6177523057862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Wed, 03 Jan 2024 21:13:58 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 5BB3 930 B
923 B 133ms
39ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7569422957845047%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frpupdate.cc&random=6177523057862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 03 Jan 2024 21:13:58 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 10 Jan 2024 21:13:58 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 076A 2 KB
2 KB 190ms
84ms Script
text/html 18.132.155.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=23531100154011804444550012558029&nw=1
Requested by: Host: rpupdate.cc
URL: https://rpupdate.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e9149a8848bb41fbd53e208ea15cfb3b7155f2a7fb3ec5325dd93c795705eabc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
last-modified: Wed, 03 Jan 2024 21:13:58 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 03 Jan 2024 21:14:58 GMT

GET
H2

200

activityi;dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504 Show response
8019191.fls.doubleclick.net/ Frame AC02
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504?

391 B
328 B

83ms
83ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504?

Requested by

Host: rpupdate.cc
URL: https://rpupdate.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

40aeab202aeb47438dddfdaa508a03fcecc1144a96185f8177dbcfa0933708ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:13:58 GMT
expires: Wed, 03 Jan 2024 21:13:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:13:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900029.redintelligence.net/ Frame BFC7 7 KB
2 KB 119ms
42ms Document
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=46a85b8ea1&subid=&uid=337cb046746c7261&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ_CbFc6VZeHrC7nK1fAPqJyrgAGm5b2gaYWVnKfJD_AuEAEgtKj2fGCVuv2BlAfIAQmpAuIYN8VjU7I-qAMByAObBKoEmwJP0IniNcoL42eB1M4k61aMimM4E2wICpwgmsSbMPT9_RLfEWnmZ5qzddxYVdBbQEoOu59vK-NfDeaAEOIkkAxDl5jgxd7b8Kqowoearh0IHl59qi8c_zB0tDR88LLvONeDtSiZglNbThaUML85mOQK56mLU9prexRkt5K4hn9uKJCH60wcwObE2Q4aiVvcjfnjXMwTmS2dsFYUZvFr4KQqa6JPDDmi2qJC-pFEsbMW7Q9TShDZM9Lb-RjSvcGPWfYIBJjLDVwy3QQH1dy1F4UHyMIA7nv7EGYiE1SwKHzPwMdQ3et_UNxjbKdlXTI74Vlx0KV3SOglE6c6gtcWtleRPoKSTAYOkWHFn63ZBeAj0dPuDONDYFXJwv8BwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLamy76RwoMDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB%26sig%3DAOD64_08Zjlp29ZbTS7twgPQVw4TX3GX3A%26client%3Dca-pub-7569422957845047%26dbm_c%3DAKAmf-BugyL8hCLhM1c68oq3v0BhJ8ciO6raQHrko8BfPSziUjbJR_LBoh7AFsTFu0fBO7UNvYjBiCy3YzWfNPAWNcDFbJAjfYVt3uG1p90jdvRnvJEmktkX3dXV_U2A_NRasJnL-aKDOUq3pTlIvB4QZ1gPuhCzJpaGNMyzGAW9NFT6wRUOD3o%26cry%3D1%26dbm_d%3DAKAmf-BSUSXsDD0bm9FzRUaRfkjIJSRVUbUi4mGOYpJc5EZvwB9ifPGH8tu7imPGlnmxBH3lxYmM8ZSj2wHZmsqKQhz4KL1XCWnFDoHV-FWqB7gTOsnllHqoIKCWhKL8aT682NGuyAU9UMac5Rk27w4M6KoFiBfDEwEuAa3t8UNCVdcGUNby5nc-DvJkvuZQpEQpOubu-k-D4STwtg_tWXSGdlG_YNI0aNE8MHnwr2EJ-gMvIKTTKbFC-HAocAjaMx55g0SEW42nTscsE9ar2jv2AF7LJmMJuNM9nQqSIQApjt4Z6iNtTGVUaTlk16d71ZlOa1auBN4vgjdIWmJg3vzCzt17D-ndPX9i_e-J3Yv8zS4LFOqTkuKEosAQVVh_XrDdX0HUr595P3OYQ45n9mbZ_ljyuK3KuNiqihIsmRk2MW9fZ1lea704OBXKt_xgoTaXrPvFOVjIB1zy5QWlxwfJLzc5WmFYuvgYTpV6Ck4WQV9dfvGaiCGWiV5NmKdj2ettG88PoXbT%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7569422957845047%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frpupdate.cc&random=6177523057862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 5f712ed62ad24e0e56f226cdf6adc9a6f3d1f255786b8aa049bb41c71486e764

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2066
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 21:13:58 GMT
Expires: Wed, 03 Jan 2024 21:13:58 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 076A
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

49ms
49ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23531100154011804444550012558029&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Wed, 03 Jan 2024 21:13:58 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 076A 43 B
705 B 173ms
88ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=23531100154011804444550012558029&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 21:13:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 076A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 466b04f5f0f7963b6bfbd67210afd2f7ce9eecdc51c7220df3cc34084a30e721

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame BFC7 2 KB
434 B 55ms
54ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:11:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BFC7 17 KB
17 KB 119ms
41ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: bb07e0fd98b78efb76f4bdb3fe7d84e96aee5b36e7d3fe6fd51601c647867486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 21:13:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16982
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BFC7 16 KB
16 KB 118ms
40ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 262a90fd25c71983681eb0f15bf8bad9bc3cfa3cb9245b08ee856cc3add1db6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 21:13:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BFC7 11 KB
11 KB 118ms
40ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: f165da8e53983107be90a9583aa95550d3ace357b4c9d48805c74aaad77b17a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 21:13:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10941
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 5BB3 175 KB
63 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26f4727508c350d7ef258a013faaea9428376744efd4add5ac4a6ff7855d1a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64124
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 21:13:58 GMT

GET
H/1.1 200
OK viewability Show response
hal900029.redintelligence.net/ Frame BFC7 0
150 B 117ms
40ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/viewability?s=23531100154011804444550012558029&a=35e6ef1b&vb=m
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 21:13:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 076A 53 KB
19 KB 162ms
44ms Script
application/javascript 52.222.139.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=23531100154011804444550012558029&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-78.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:21:05 GMT
content-encoding: gzip
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 73987
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KmhlgbWwfCZU-S54lemMHzDqxDqK4M6ajmbzfDoeOj5KJZWrVwTukg==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 076A 3 KB
3 KB 137ms
39ms Image
image/png 18.239.50.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1704316738&Signature=aB3DQriC3b4BD6oBxPhZBmPcYtpCz7r2m2sipnXCV2lSPlGwhIq48OiaNpGsr2Lhn8oXXV8xOCxvRLoZe-843cwfGpm7-plqk025vWemwKXWxxgGG8OywcZ-6Wl~CbFA6D-hpTbomARgektvLbPMXu~wkB33Q5PfpiJnRW9aGNgll6kb9fdahkA~PSXcn9C~0LcqZxmU3U3CrVOcDgeEpMrlTwh~LvwQgklMWfTuSPph~BuKIRR2SA9x5QLD0crURnhXA7o6GeCbFF~GyACBRlZXE1cwvbPCDnxpeoR0LOhvQ1zXVz0C8CVNq1WxIp9PMcn6enwssjW0QfY3kxuSeA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-21.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 03 Jan 2024 08:45:46 GMT
via: 1.1 a43889f6531338b6dd9d3a4339de949a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 44893
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: tU5vIbMk5VnI7LOKxVZZcOlZQ-uo8WZtsAjfkTxJAdkOPWesB3c2tg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5BB3 274 KB
91 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0f9841891cde5f23db0d6e90e98402e97e765e3eeb03022b9223c21e17c0075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93117
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 21:13:59 GMT

GET
H2 200 dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504
adservice.google.com/ddm/fls/z/ Frame AC02 42 B
401 B 164ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIaUtL-RwoMDFYhMkQUdSRoKMg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6925828199277.504?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 95ms
95ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240102&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f94bf30c133365119dcdf0a9fc4d0e84b722e88dcc442d56f3e5ff0f0564e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12263
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 21:13:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FB6 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGCpXFaLt2dEwh5ga-lcRxCMPACoiETs-1USJ8K6s1TL5XvKPl9WwO7ngnqzxo87FEEA8Lhe8TtpuOP9KtS8HZNus7H_ZW_clXAsYKqeAf4VJllKEMIyrlkhYs8-GVg79flK4A4HmKiJgQgbuZM6GBEgFg&sai=AMfl-YSHbZc1gZVTcH7M7h_otls9wmxcBEJ2_RtaSSXCjmm21Ta-COLmt1IwH6oj1B5EQHUe-BcBDmRxMhhr_2NJNc3uLUeG3tHIDwL_6sacpGKifc1VZojOoq0HiRpg57tnXgFZN_27iPxX9xiOt0nG&sig=Cg0ArKJSzAdiRI1EhnazEAE&cid=CAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704316437912&rpt=365&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 285C 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpupdate.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 19:30:43 GMT
expires: Thu, 02 Jan 2025 19:30:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE18 829 B
998 B 49ms
49ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df415b000053e62a5ea21487d323568145a60b7208ac972c7e9f3c157fb319ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3nYVlS17tCbhSbZ_N5NYUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rpupdate.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3nYVlS17tCbhSbZ_N5NYUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:13:59 GMT
expires: Wed, 03 Jan 2024 21:13:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 285C 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:59:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE18 0
0 73ms
72ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240102&jk=3859611039195281&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 285C 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dAc7lQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:13:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 176ms
46ms Preflight 13.42.80.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 03 Jan 2024 21:13:59 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 076A 16 B
209 B 100ms
100ms Fetch
application/json 13.42.80.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-42-80-79.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 21:13:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 076A 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst43DY-1_xUXCAMNHZRU2kDoyhW6AsmwF_S9YKQiI2mG-SeRVekT5IB9UrXzKQ_bOoeYnDuRg3-f_gDSUf3BBiKUz9ye6qMyRJRHB-x_tSfgL3inrH5itcOop4GroOcTYOdlhu1d89oSuE&sai=AMfl-YSpqxARt2snNQbOSVmfzFKatHcpcsEMuWeXV2FsqSlGreLfC2SsR0E2u4-y92jPjail8uzR4EJm0ENl1l35X0ryKYKSP6eJCe4z4Jg9Q5Resxs2Yuh9h5oa0z41iMiavXDZJIW1GVc4XZVr5nhQ&sig=Cg0ArKJSzKiirMvxXOZJEAE&cid=CAQSTgAvHhf_kuDpvXWHnHpglAOzdTTZCDfhN0Viql2Jxm6WpwwpXqAT1e_JYG577E0XINtkm0Wuy7_OIRyFI6yOPwaatTOtI0D5uUeKcBMOdxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=868,1000,1000,1000,1000&tos=868,132,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704316437965&rpt=801&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240102&jk=3859611039195281&bg=!REelRwjNAAY3kmNgF5I7ADQBe5WfOFLoP3xE5TYYjsS7jfHW96LV4EutHFC_G9kHG4pyPjrhOVS4BpB7Ia34RE05buPxAgAAADxSAAAAAWgBBwoA07-K9flMG_xndZxcy2-PGwKChSfkL_6kJSIwZNexewSfwlQHJIfkMq1Rz4Uvk5VUm-ydYPGXXCsDDD6h0-Yj0CDFiGVK63_QdlQvEKWEboLk4u3mrx7Xk2IGrIzXZ53-l53TnPCQwSYza-KP1iLygR2isGsqS5hgGsi1InF_6A2Bn2Pm8GUNr4fzZFjodJwtTQw_hJIeq3ybFVGM9SBtCxAucjOvOwpD7faK1agm3cwaKqEK6J-lvxdLQGL4Lo_akbCnIdI72VE3M-NTHMlPVaQEX_iZArEVVpbmqWr88oeEq_bWOHIq7duAiM9-4HNZwuzCZco3z_hgWFGj5YJxjtR4jbwl1y_GHeS1Jdtc7_aFFfdWbnBpZ2SDgdzAVjLhmdCEwOTPkDxnENZOLkKDtM0DfPIeX8pIfQBMv8sE0pI5bSh0C7hke_wRPShsNDDeriF7EqDzMfsVTfbIz949Sds-xAla8fdB26_6JoJuFykWJKBKkrQ5oTegVrNcmrdnz_A8AxhidueTPT8oBTVQgvVuXHX2QqjGB-Q1ubzxzjrptAjYRurwgRZ_69e4boeUD5ec0fexcxysO6d9XQKSHHfDfOCG-HNdDdDk5TvcPzvK1JWLlj2FZd8pjezNZgvLVlYWTXQ74XT8SC6nLmIo7NtDw422RsdjBjTpBMK-K65c4XE-ZGXgANJuzgTRhFdWD2P37GIj6mb_sIIno41QGMPBUy1SbX4DDTv5mCyZZnFG2abDfYg5FxRLjhleMRT8IoFOtCwYPfVNnlKKVV_OiG_jNDtyhn-T_BrwDBHqGiVbcC5MqSfqhMYtrlCTIO0sKciq1Mun7CzdekCVbCMN0k-eHvOznSmNosPazZgdL04NcWmRSAyJB5Yb8AabnjzLgsPpGyJ2RMnyZ5V6LzDZqQt4nA0GN2C6Udf0v6AlUq4gnB_M-rDlENuS1vZyZCQ94wZmItZTzoe6to0VnPYhyWBDnE6DTVPDLoE02Oy_aKGuXHrKAtaWZY8s6CN2IT-Ez3s222c1BRCcGt8LvclFTuD35OW-2pKnRhdlAphwURUOI6NviRt_O8YSicyvTRNlCHXVSusLcxl_CHedoBDyLhfcLeQK_LmLMB1CMoJRM4RmkdJz6kQAjZu4U8FVkD83-7Ni3QhXXWdTV5LkTCR4xExVO3eKVl8dDtIlV33FoMyWRKbuCXftHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpupdate.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900029.redintelligence.net/ Frame BFC7 0
150 B 117ms
39ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/viewability?s=23531100154011804444550012558029&a=35e6ef1b&vb=v
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/request_content.php?s=23531100154011804444550012558029&a=68a0fb7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 21:14:00 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 076A 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9492719474208&version=m202309260101&ct=77&x=1&cor=2988268059331807000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 21:14:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rpupdate.cc/	1970-01-21 03:01:16	Name: _ga_WB7960YZ5V Value: GS1.1.1704316437.1.0.1704316437.0.0.0
.rpupdate.cc/	1970-01-20 17:26:42	Name: _gid Value: GA1.2.1372300400.1704316437
.rpupdate.cc/	1970-01-20 17:25:16	Name: _gat_gtag_UA_192687059_2 Value: 1
.rpupdate.cc/	1970-01-21 03:01:16	Name: _ga_BW8ZJ1JFT4 Value: GS1.1.1704316437.1.0.1704316437.0.0.0
.rpupdate.cc/	1970-01-21 03:01:16	Name: _ga Value: GA1.1.1203746567.1704316437
.rpupdate.cc/	1970-01-21 02:10:52	Name: cf_clearance Value: ezRrJ_uhK6wn9ybD3YKgDnDVZwUQJ9l.tWtV5ZgEgJ8-1704316437-0-2-41e8752c.29974b9d.f903a282-0.2.1704316437
.doubleclick.net/	1970-01-21 02:46:52	Name: IDE Value: AHWqTUkrhzgBljobXpe9PuyBYuG-PZkcrpFSU6UR-wnW3LQK2PN9zJp4Sb8OjK2R
.rpupdate.cc/	1970-01-21 02:46:52	Name: __gads Value: ID=2e29f06400867e20:T=1704316437:RT=1704316437:S=ALNI_MaTPSMQROxH68l1kOwX7txi1SR7GQ
.rpupdate.cc/	1970-01-21 02:46:52	Name: __gpi Value: UID=00000ceee00c9501:T=1704316437:RT=1704316437:S=ALNI_MbysYPA0Fnwhl9u6t5-B-PGhGkhrg
.casalemedia.com/	1970-01-21 02:10:52	Name: CMID Value: ZZXOFnJga1hu3IWHHsD6pAAA
.casalemedia.com/	1970-01-20 19:34:52	Name: CMPS Value: 1155
.casalemedia.com/	1970-01-20 19:34:52	Name: CMPRO Value: 1155
.adnxs.com/	1970-01-20 19:34:52	Name: uuid2 Value: 5121572909945531216
.doubleclick.net/	1970-01-20 21:44:28	Name: APC Value: AfxxVi7qMZ7Rec3le_Prl8V9PYSy8NJ7Tk0JDWhd4AURqpg5jzJnGA
.adnxs.com/	1970-01-20 19:34:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTxf4Df(!]tbPl1M>e)ZlrFUfJ+tGXxoD_$UK$GT^mUE7d@aPUjhl@o<)AX^VtukDV8z3If)y3KL9D3I?+$'Qe*K
.doubleclick.net/	1970-01-20 18:08:28	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:25:20	Name: DSID Value: NO_DATA
.redintelligence.net/	1970-01-20 19:34:52	Name: 8lcfmzhxc8d6_uid Value: 03f313aaa7985de0
.googleadservices.com/	1970-01-20 19:34:52	Name: ar_debug Value: 1
.awin1.com/	1970-01-20 17:35:21	Name: awpv11601 Value: 113440\|1704316438\|02bfeb31-aa7d-11ee-8661-22610dd0df18
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 03:01:16	Name: source Value: {"webgains_webgains":{"timestamp":1704316438998,"clickCookie":false}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900029.redintelligence.net
ib.adnxs.com
medialead.de
pagead2.googlesyndication.com
pv.medialead.de
region1.google-analytics.com
rpupdate.cc
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
13.42.80.79
142.250.185.226
142.250.185.70
172.217.18.102
18.132.155.94
18.239.50.21
185.89.210.153
2001:4860:4802:32::36
216.58.206.34
23.212.218.19
2606:4700:3030::6815:317a
2606:4700:3035::ac43:9137
2a00:1450:4001:801::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a0b:4d07:102::1
52.222.139.78
78.46.90.238
88.99.219.174
91.121.248.44
94.23.99.218
09d056bbfc29582162b5cdd50ec0518d83ee62ac53b79b4a7ef61b55c464d8d4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcc93830226acd12135ee7ffb991c03ac3a5ad509477453438e2c049c30ff03
0bff24c91302fceb4e81a67cd364f1de74c5c886c3332072b8406e05e9cce7b8
0e6969c6e81ff9b0cd06a440cdadb2b946cb51ace18e40c94b843290080fe2d8
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
16c706837d869938031a0e1cdaa62ebcc8960711a0cfee09994276d63305e4a2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
262a90fd25c71983681eb0f15bf8bad9bc3cfa3cb9245b08ee856cc3add1db6b
26f4727508c350d7ef258a013faaea9428376744efd4add5ac4a6ff7855d1a49
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2b386071285ed7e7a24ba13989f5813b78689112ab8cfe6f5b2932d7dd80081f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3745650a0655f51558a6bacd4dc356b2e8ad89698fbdd44920efd52e682138a8
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
40aeab202aeb47438dddfdaa508a03fcecc1144a96185f8177dbcfa0933708ce
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44a5436792b8db659aab93649f388811a77eb7caf716388151ea68948b1b6c88
451516d1fddc619e29d63c9a4a907819ccb442605c18f8e776d794234532bbe2
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
466b04f5f0f7963b6bfbd67210afd2f7ce9eecdc51c7220df3cc34084a30e721
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f93ce9bc5edf0dcd8a49632cbc5373546a7335b5af7cd5242c9c12758ac25a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5a4d5127e6b087d4886654fa590708c9e3f298d83beee9999ac2193d48786575
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f712ed62ad24e0e56f226cdf6adc9a6f3d1f255786b8aa049bb41c71486e764
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
672412f2d12146fe399ab9c2de8615806e6f02a6b98480c6830c27dea20460f3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79374f97857ee9d2c7dc90fa2bae83372a84bbd9e3182ec947a4d6faf56040a7
7e2beb87b03bf3823fc559f074cc0b379fc0573fcb4a67ad8a87ca335fa010c8
7f94bf30c133365119dcdf0a9fc4d0e84b722e88dcc442d56f3e5ff0f0564e56
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9cf0bb8c7a115cb08c03d6f181e3ec42e3e069ce0108d9bbee28eaa3b6d35f30
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a19fac09b6add1cc7e0a40fd7bfe50756970b64f1b3087d8ce1b68f9ba0403c8
a426640cdcdf0d4e18a90617020acd46e42d5fac92dbfd31cc015a70e9f80780
aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad11e739e6bdda1c9145e5388710cecb9732bd62bccd526b93b08f4edea0cee7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb07e0fd98b78efb76f4bdb3fe7d84e96aee5b36e7d3fe6fd51601c647867486
bc6f124bfdaa313607748c55227ceb37c647bf423f7054bedbd4026bc51b4cd2
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c00a0da80802d0f7032e984c14dcf127cd55002e53da7228bbfe60ef601140d4
c36684d4ffebc180de028625b128dc2ffdceecfab9df8d3b7833b5050005fa2e
c37233e9757833e713c88f0fde2e8aee2ff6135599aa3a0fc596a0bf382b3cdd
c3b2ff62e3ac4219811de0c709bd0d81d962a88dc87a598ac19b20f58f960136
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df415b000053e62a5ea21487d323568145a60b7208ac972c7e9f3c157fb319ba
e0f9841891cde5f23db0d6e90e98402e97e765e3eeb03022b9223c21e17c0075
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e9149a8848bb41fbd53e208ea15cfb3b7155f2a7fb3ec5325dd93c795705eabc
e931823ffd0b6cfd1624e3a7c1c49861ed3420297862e727f07e04c8be1cc89b
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f165da8e53983107be90a9583aa95550d3ace357b4c9d48805c74aaad77b17a9
f62d40d47eed13aee39f8f64f6ed573af9f881e51060db6278d95212383a8c93
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fbfc83ce5e89003c668a162a8ffb8f369496aeebbaf6bb29e55fefd22ee83f66
fe36bd86ad5409f02920700b893a8a11643b2a62d422cde6618a800e7f9e5734

rpupdate.cc Open in urlscan Pro 2606:4700:3030::6815:317a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

92 %HTTPS

55 %IPv6

19 Domains

32 Subdomains

32 IPs

6 Countries

2448 kBTransfer

5695 kBSize

22 Cookies

4 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rpupdate.cc Open in urlscan Pro
2606:4700:3030::6815:317a Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

92 %
HTTPS

55 %
IPv6

19
Domains

32
Subdomains

32
IPs

6
Countries

2448 kB
Transfer

5695 kB
Size

22
Cookies

126 HTTP transactions
2 data transactions