googleads.g.doubleclick.net Open in urlscan Pro
2a00:1450:4001:81c::2002 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&a...
Submission: On June 16 via manual (June 16th 2020, 5:18:11 am UTC) from JP

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 2a00:1450:4001:81c::2002, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is googleads.g.doubleclick.net.
TLS certificate: Issued by GTS CA 1O1 on May 26th 2020. Valid for: 3 months.

This is the only time googleads.g.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	185.29.134.233 185.29.134.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
13	7

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	redintelligence.net 1 redirects hal9000.redintelligence.net hal900025.redintelligence.net	7 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
3	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	7 KB
2	doubleclick.net googleads.g.doubleclick.net	4 KB
1	googletagservices.com www.googletagservices.com	28 KB
13	5

	Domain	Requested by
3	hal900025.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900025.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
2	tpc.googlesyndication.com	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	googleads.g.doubleclick.net
1	pagead2.googlesyndication.com
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
13	8

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
redintelligence.net Let's Encrypt Authority X3	`2020-04-22` - `2020-07-21`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
Frame ID: 9B8DAE0667F496582CAFA96D60DB3880
Requests: 13 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=18124900030357300951401011262025&a=9a647e89
Frame ID: 2B864D7FB609451095DBB40A017366C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

45 kB
Transfer

109 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://hal900025.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=e853c14027&subid=&uid=432f299ac6d4717d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1600x1200&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1654514693733817089%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D7e9b5ee8-5601-4601-8ef5-0a2a8b76115b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%2526client%253Dca-pub-5485624796433469%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5485624796433469%26output%3Dhtml%26h%3D600%26slotname%3D9313034322%26adk%3D2664609930%26adf%3D2175242420%26w%3D300%26lmt%3D1592203023%26psa%3D1%26guci%3D2.2.0.0.2.2.0.0%26format%3D300x600%26url%3Dhttp%253A%252F%252Fzengin.ajtw.net%252F%26flash%3D0%26wgl%3D1%26dt%3D1592203023499%26bpp%3D3%26bdt%3D477%26idt%3D282%26shv%3Dr20200609%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D638x280%252C336x280%26correlator%3D8134720798721%26frm%3D20%26pv%3D1%26ga_vid%3D1320753588.1592203024%26ga_sid%3D1592203024%26ga_hid%3D698032692%26ga_fc%3D0%26icsg%3D535208%26dssz%3D15%26mdo%3D0%26mso%3D0%26u_tz%3D540%26u_his%3D18%26u_java%3D0%26u_h%3D768%26u_w%3D1366%26u_ah%3D728%26u_aw%3D1366%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D852%26ady%3D429%26biw%3D1349%26bih%3D651%26scr_x%3D0%26scr_y%3D0%26eid%3D21060548%252C26835106%26oid%3D3%26pvsid%3D2464756739182582%26pem%3D255%26ref%3Dhttp%253A%252F%252Fzengin.ajtw.net%252Fsm.php%26rx%3D0%26eae%3D0%26fc%3D896%26docm%3D11%26brdim%3D0%252C77%252C-8%252C-8%252C1366%252C%252C1382%252C744%252C1366%252C651%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D8208%26bc%3D1%26ifi%3D3%26uci%3D3.vyqf7di85h1z%26xpc%3Ddn5ODEPczl%26p%3Dhttp%253A%2F%2Fzengin.ajtw.net%26dtd%3D323&ancestorOrigins=&random=2908120027148&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=e853c14027&subid=&uid=432f299ac6d4717d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1600x1200&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1654514693733817089%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D7e9b5ee8-5601-4601-8ef5-0a2a8b76115b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%2526client%253Dca-pub-5485624796433469%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5485624796433469%26output%3Dhtml%26h%3D600%26slotname%3D9313034322%26adk%3D2664609930%26adf%3D2175242420%26w%3D300%26lmt%3D1592203023%26psa%3D1%26guci%3D2.2.0.0.2.2.0.0%26format%3D300x600%26url%3Dhttp%253A%252F%252Fzengin.ajtw.net%252F%26flash%3D0%26wgl%3D1%26dt%3D1592203023499%26bpp%3D3%26bdt%3D477%26idt%3D282%26shv%3Dr20200609%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D638x280%252C336x280%26correlator%3D8134720798721%26frm%3D20%26pv%3D1%26ga_vid%3D1320753588.1592203024%26ga_sid%3D1592203024%26ga_hid%3D698032692%26ga_fc%3D0%26icsg%3D535208%26dssz%3D15%26mdo%3D0%26mso%3D0%26u_tz%3D540%26u_his%3D18%26u_java%3D0%26u_h%3D768%26u_w%3D1366%26u_ah%3D728%26u_aw%3D1366%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D852%26ady%3D429%26biw%3D1349%26bih%3D651%26scr_x%3D0%26scr_y%3D0%26eid%3D21060548%252C26835106%26oid%3D3%26pvsid%3D2464756739182582%26pem%3D255%26ref%3Dhttp%253A%252F%252Fzengin.ajtw.net%252Fsm.php%26rx%3D0%26eae%3D0%26fc%3D896%26docm%3D11%26brdim%3D0%252C77%252C-8%252C-8%252C1366%252C%252C1382%252C744%252C1366%252C651%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D8208%26bc%3D1%26ifi%3D3%26uci%3D3.vyqf7di85h1z%26xpc%3Ddn5ODEPczl%26p%3Dhttp%253A%2F%2Fzengin.ajtw.net%26dtd%3D323&ancestorOrigins=&random=2908120027148&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ads Show response
googleads.g.doubleclick.net/pagead/ 7 KB
4 KB 192ms
192ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1fe18b6208dd9773255a3a4b0c4bf86797cb8b1141763fe8ee3f28fc3dae78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Jun 2020 05:17:53 GMT
server: cafe
content-length: 3592
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Jun-2020 05:32:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Jun 2020 05:17:53 GMT
cache-control: private

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ 2 KB
2 KB 170ms
59ms Script
application/x-javascript 185.29.134.233
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&id=5aW95q2jLzIyLyAvWlRjNU56STBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2NTQ1MTQ2OTM3MzM4MTcwODkvNjYyMjMyNy80NTYyMzA2LzQvTXN1RkVrOEhHWkVibS01a1k0MG5BanNTamtCajI5STFhdEV1b0xncEx0QS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjU0NTE0NjkzNzMzODE3MDg5L3pyaC8wLzQxMS8zMC85OTkvOC8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNTkyMjg0NjczLzE1OTIyOTcyNzMvNC8/_qBlWbzWpUgZaWWIzRHN7A6AqpI&nodeid=1627&group=eu&auctionid=1654514693733817089&sid=4562306&cid=6622327&bp=a_bdgaab&nfy_act=LD5weg&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcH1rKy5wfWshIioqJCMqcH1rOiwkOQsiPwQgPQMiOSQrcHw&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%26client%3Dca-pub-5485624796433469%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.173.1 /
Resource Hash: 23d934e7e90d8ae4808cda2eced7e23b9dd9155bbec60699a1758a9596c5d39e

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 05:17:53 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1592284673
Last-Modified: Tue, 16 Jun 2020 05:17:53 GMT
Server: MMBD/3.173.1
x-mm-latency: 22 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x53, zrh-bidder-x138
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 16 Jun 2020 05:17:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200610/r20110914/client/ 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200610/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d2d1f9c78d8c0755bb8830fd20121d6d05c949c89b20536a89b6643f748c600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 02:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1479
x-xss-protection: 0
server: cafe
etag: 9751230926324105381
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jun 2020 02:16:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

961fec356326dc582ad3eb30f75f2728df9eed5062bfdf0b78b655865d5b3859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 05:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591975235565162"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28482
x-xss-protection: 0
expires: Tue, 16 Jun 2020 05:17:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200610/r20110914/client/ 12 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200610/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20368f111c3d36cb93392f457416b161d2ef458651621913bb65f592eb9d6659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 18:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5251
x-xss-protection: 0
server: cafe
etag: 11052063154954544777
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jun 2020 18:37:18 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRLlkAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJkBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRKgbGgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE&sigh=vxvk5ZEaD4k&tpd=AGWhJmuz0ZDZIS74H6-Mrdon8kk2S2QgJ0XBCQauJ_GCLIb0T-FwLohPW8Lm0PilVMOeSmYicCDBB0wU1rx1M_cR2q-Xh6lRqOu9CKjyBgFUsWazGgwPssqVa43SiGhimKPi4vNWcXVHx143eqi7q8d8LvnFrytom56jWuLLGbofGbb2UZNIo92mUacfCcp0z2L4-nkU4q2xul7Wko7d7d51uorK3xXk4DRsxvn01NA5qCy_rG7woxiArQ_67fLFJZLahpNak6wZMrmyouvP2QxU1_HWBD-V1eiMdhnd2l0LhjM0QRuGM8r-fsDeLFngTAvBkuvpWUu61PVq343y0i-QjygHAIdcJvZNXjthRZCXWnLXLugtwxt2OeyTWu7l6C4HWHGCvs9cBYRT7F7A6lOXTe2uVPTlPbufrG5-Utpfi87s4e23OvLFTCpjMO-TWQbhcYlAAdXeau7JK1bxtsqlFMQKEkhS61rrEY7jDpC-FIKSjlz8ipoeE0_Z92OWeU3af9NX-aaUgzFUFmdN0Shs0dK0V2p5gMvDXKS1S092osAMFnXkqVgth8kl0ZW0lY9vVWyEC2QXspYROeeclM30hxs3jHRsBfDO5B-k5Nm1SrNjFSBJO-TP3ahbcm88aQzIUjUL2_hhljq6HocyxhKEXOx-pZ3bi-ajUE7gCCqaiLvu11ZcUruFZi65JIK4kS5PkvlvDbHMwWllm5LXWrNBKj46VehUY1uAHYlxo8spaW2kL8IDsPmyI3f1vKKZSXWX8SA2E2ps0KqT_bOjMY-45Tx985nDvk_Ud7v9u_CvTCKZcTA7vOsRJmnRFxsIGxCR_02avhWEbCw9WHMH_v6wL-Uou59DI_JXDtPp5f2-shDt82ZjZiAc61OCbINA050jfxG1e2_1pwZ-rz6Re8388zzODdIxCIHvRjUrT6G0uXrqrMecSYVGnKcW1FgMcDCQowYyWpRo6nSiMgTp4IHGfL2YF8YtcqZrTffvr-By_RZK6mk2_XRWI7ce0uJViE0vQmGUz7aUCcC9rB0AzSDO7ODCuEk2sPWGp8CSpWwN4X0J6FyIGZGlEBsZnMRJI5Bykzz3wA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Jun 2020 05:17:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Jun 2020 05:17:53 GMT

GET
H/1.1 200
OK yrsa821xsiee Show response
hal9000.redintelligence.net/zone/ 10 KB
3 KB 80ms
27ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&rnd=1654514693733817089&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1654514693733817089%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D7e9b5ee8-5601-4601-8ef5-0a2a8b76115b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%2526client%253Dca-pub-5485624796433469%2526adurl%253D%26redirect%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6d97af1a5825b8d833f6a54c2a97b117f0e58adf4d96b70a4521fcd4bdb3aed7

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 16 Jun 2020 05:17:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3283
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ 49 B
330 B 123ms
56ms Image
image/gif 185.29.134.233
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1654514693733817089&node_id=1627&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&id=5aW95q2jLzIyLyAvWlRjNU56STBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2NTQ1MTQ2OTM3MzM4MTcwODkvNjYyMjMyNy80NTYyMzA2LzQvTXN1RkVrOEhHWkVibS01a1k0MG5BanNTamtCajI5STFhdEV1b0xncEx0QS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjU0NTE0NjkzNzMzODE3MDg5L3pyaC8wLzQxMS8zMC85OTkvOC8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNTkyMjg0NjczLzE1OTIyOTcyNzMvNC8/_qBlWbzWpUgZaWWIzRHN7A6AqpI&nodeid=1627&group=eu&auctionid=1654514693733817089&sid=4562306&cid=6622327&bp=a_bdgaab&nfy_act=LD5weg&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcH1rKy5wfWshIioqJCMqcH1rOiwkOQsiPwQgPQMiOSQrcHw&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%26client%3Dca-pub-5485624796433469%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.173.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 05:17:53 GMT
Server: MMBD/3.173.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x52, zrh-bidder-x138
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 16 Jun 2020 05:17:52 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 43 B
359 B 105ms
47ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1654514693733817089&v3=651871&v4=4562306&v5=6622327&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&id=5aW95q2jLzIyLyAvWlRjNU56STBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2NTQ1MTQ2OTM3MzM4MTcwODkvNjYyMjMyNy80NTYyMzA2LzQvTXN1RkVrOEhHWkVibS01a1k0MG5BanNTamtCajI5STFhdEV1b0xncEx0QS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjU0NTE0NjkzNzMzODE3MDg5L3pyaC8wLzQxMS8zMC85OTkvOC8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNTkyMjg0NjczLzE1OTIyOTcyNzMvNC8/_qBlWbzWpUgZaWWIzRHN7A6AqpI&nodeid=1627&group=eu&auctionid=1654514693733817089&sid=4562306&cid=6622327&bp=a_bdgaab&nfy_act=LD5weg&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcH1rKy5wfWshIioqJCMqcH1rOiwkOQsiPwQgPQMiOSQrcHw&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%26client%3Dca-pub-5485624796433469%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2304 363fb6b master zrh-pixel-x5 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 05:17:53 GMT
Server: MT3 2304 363fb6b master zrh-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Jun 2020 05:17:52 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ 49 B
330 B 127ms
57ms Image
image/gif 185.29.134.233
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1654514693733817089&st=4562306&time=1592284673&nodeid=1627
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&id=5aW95q2jLzIyLyAvWlRjNU56STBNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2NTQ1MTQ2OTM3MzM4MTcwODkvNjYyMjMyNy80NTYyMzA2LzQvTXN1RkVrOEhHWkVibS01a1k0MG5BanNTamtCajI5STFhdEV1b0xncEx0QS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjU0NTE0NjkzNzMzODE3MDg5L3pyaC8wLzQxMS8zMC85OTkvOC8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNTkyMjg0NjczLzE1OTIyOTcyNzMvNC8/_qBlWbzWpUgZaWWIzRHN7A6AqpI&nodeid=1627&group=eu&auctionid=1654514693733817089&sid=4562306&cid=6622327&bp=a_bdgaab&nfy_act=LD5weg&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcH1rKy5wfWshIioqJCMqcH1rOiwkOQsiPwQgPQMiOSQrcHw&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%26client%3Dca-pub-5485624796433469%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.173.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 05:17:53 GMT
Server: MMBD/3.173.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x46, zrh-bidder-x138
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 16 Jun 2020 05:17:52 GMT

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=e853c14027&subid=&uid=432f299ac6d4717d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=e853c14027&subid=&uid=432f299ac6d4717d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

146ms
99ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=e853c14027&subid=&uid=432f299ac6d4717d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1600x1200&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1654514693733817089%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D7e9b5ee8-5601-4601-8ef5-0a2a8b76115b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%2526client%253Dca-pub-5485624796433469%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5485624796433469%26output%3Dhtml%26h%3D600%26slotname%3D9313034322%26adk%3D2664609930%26adf%3D2175242420%26w%3D300%26lmt%3D1592203023%26psa%3D1%26guci%3D2.2.0.0.2.2.0.0%26format%3D300x600%26url%3Dhttp%253A%252F%252Fzengin.ajtw.net%252F%26flash%3D0%26wgl%3D1%26dt%3D1592203023499%26bpp%3D3%26bdt%3D477%26idt%3D282%26shv%3Dr20200609%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D638x280%252C336x280%26correlator%3D8134720798721%26frm%3D20%26pv%3D1%26ga_vid%3D1320753588.1592203024%26ga_sid%3D1592203024%26ga_hid%3D698032692%26ga_fc%3D0%26icsg%3D535208%26dssz%3D15%26mdo%3D0%26mso%3D0%26u_tz%3D540%26u_his%3D18%26u_java%3D0%26u_h%3D768%26u_w%3D1366%26u_ah%3D728%26u_aw%3D1366%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D852%26ady%3D429%26biw%3D1349%26bih%3D651%26scr_x%3D0%26scr_y%3D0%26eid%3D21060548%252C26835106%26oid%3D3%26pvsid%3D2464756739182582%26pem%3D255%26ref%3Dhttp%253A%252F%252Fzengin.ajtw.net%252Fsm.php%26rx%3D0%26eae%3D0%26fc%3D896%26docm%3D11%26brdim%3D0%252C77%252C-8%252C-8%252C1366%252C%252C1382%252C744%252C1366%252C651%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D8208%26bc%3D1%26ifi%3D3%26uci%3D3.vyqf7di85h1z%26xpc%3Ddn5ODEPczl%26p%3Dhttp%253A%2F%2Fzengin.ajtw.net%26dtd%3D323&ancestorOrigins=&random=2908120027148&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d928a8c9bf1e2358c7374ecbc3efe59d0a919dc52b392d6afad4424b3eda58ae

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jun 2020 05:17:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 18124900030357300951401011262025
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Tue, 16 Jun 2020 06:17:54 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 16 Jun 2020 05:17:54 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=e853c14027&subid=&uid=432f299ac6d4717d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1600x1200&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1654514693733817089%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D7e9b5ee8-5601-4601-8ef5-0a2a8b76115b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%2526client%253Dca-pub-5485624796433469%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5485624796433469%26output%3Dhtml%26h%3D600%26slotname%3D9313034322%26adk%3D2664609930%26adf%3D2175242420%26w%3D300%26lmt%3D1592203023%26psa%3D1%26guci%3D2.2.0.0.2.2.0.0%26format%3D300x600%26url%3Dhttp%253A%252F%252Fzengin.ajtw.net%252F%26flash%3D0%26wgl%3D1%26dt%3D1592203023499%26bpp%3D3%26bdt%3D477%26idt%3D282%26shv%3Dr20200609%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D638x280%252C336x280%26correlator%3D8134720798721%26frm%3D20%26pv%3D1%26ga_vid%3D1320753588.1592203024%26ga_sid%3D1592203024%26ga_hid%3D698032692%26ga_fc%3D0%26icsg%3D535208%26dssz%3D15%26mdo%3D0%26mso%3D0%26u_tz%3D540%26u_his%3D18%26u_java%3D0%26u_h%3D768%26u_w%3D1366%26u_ah%3D728%26u_aw%3D1366%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D852%26ady%3D429%26biw%3D1349%26bih%3D651%26scr_x%3D0%26scr_y%3D0%26eid%3D21060548%252C26835106%26oid%3D3%26pvsid%3D2464756739182582%26pem%3D255%26ref%3Dhttp%253A%252F%252Fzengin.ajtw.net%252Fsm.php%26rx%3D0%26eae%3D0%26fc%3D896%26docm%3D11%26brdim%3D0%252C77%252C-8%252C-8%252C1366%252C%252C1382%252C744%252C1366%252C651%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D8208%26bc%3D1%26ifi%3D3%26uci%3D3.vyqf7di85h1z%26xpc%3Ddn5ODEPczl%26p%3Dhttp%253A%2F%2Fzengin.ajtw.net%26dtd%3D323&ancestorOrigins=&random=2908120027148&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 16 Jun 2020 06:17:54 +0200

GET
H/1.1 200
OK request_content.php
hal900025.redintelligence.net/ Frame 2B86 0
0 78ms
27ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=18124900030357300951401011262025&a=9a647e89
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=e853c14027&subid=&uid=432f299ac6d4717d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1600x1200&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1654514693733817089%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D7e9b5ee8-5601-4601-8ef5-0a2a8b76115b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCbyTOAVboXrbkHcGt3gP4rYjwA8-HjptcwIbZgsYCwI23ARABIABgldKvgrgHggEXY2EtcHViLTU0ODU2MjQ3OTY0MzM0NjnIAQmoAwGqBJwBT9C5PdmEGMHSa8YuRSQAlXfPOZlzE9TrOYkQqiMTXDbh52xpOspzzr8KR4M3Dseh9uhKYgU2jarwJor8bTaioWmTYtQ9MIDQLbhE7UvROf8aG2gHI2VeHB4GycB_r9eCnrZrFhtuel24FhsNsWoPDTWaeFiL7mqmE5ogFe-GA98M1BAqgk_2Pq3cIPv1TUOPhV0lirDRaATE8ecNgAazk5iSz_Gh2WmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAfC2hvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_17qDO7DE4LI9rCE15R2dDwPve3ug%2526client%253Dca-pub-5485624796433469%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5485624796433469%26output%3Dhtml%26h%3D600%26slotname%3D9313034322%26adk%3D2664609930%26adf%3D2175242420%26w%3D300%26lmt%3D1592203023%26psa%3D1%26guci%3D2.2.0.0.2.2.0.0%26format%3D300x600%26url%3Dhttp%253A%252F%252Fzengin.ajtw.net%252F%26flash%3D0%26wgl%3D1%26dt%3D1592203023499%26bpp%3D3%26bdt%3D477%26idt%3D282%26shv%3Dr20200609%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D638x280%252C336x280%26correlator%3D8134720798721%26frm%3D20%26pv%3D1%26ga_vid%3D1320753588.1592203024%26ga_sid%3D1592203024%26ga_hid%3D698032692%26ga_fc%3D0%26icsg%3D535208%26dssz%3D15%26mdo%3D0%26mso%3D0%26u_tz%3D540%26u_his%3D18%26u_java%3D0%26u_h%3D768%26u_w%3D1366%26u_ah%3D728%26u_aw%3D1366%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D852%26ady%3D429%26biw%3D1349%26bih%3D651%26scr_x%3D0%26scr_y%3D0%26eid%3D21060548%252C26835106%26oid%3D3%26pvsid%3D2464756739182582%26pem%3D255%26ref%3Dhttp%253A%252F%252Fzengin.ajtw.net%252Fsm.php%26rx%3D0%26eae%3D0%26fc%3D896%26docm%3D11%26brdim%3D0%252C77%252C-8%252C-8%252C1366%252C%252C1382%252C744%252C1366%252C651%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D8208%26bc%3D1%26ifi%3D3%26uci%3D3.vyqf7di85h1z%26xpc%3Ddn5ODEPczl%26p%3Dhttp%253A%2F%2Fzengin.ajtw.net%26dtd%3D323&ancestorOrigins=&random=2908120027148&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal900025.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=5536cb3b42e370ba
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323

Response headers

Date: Tue, 16 Jun 2020 05:17:54 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 16 Jun 2020 06:17:54 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2086
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 514a5fa135c927a6bdd508fcb46643b2bb31ed063eb77e4387b82ec87af2ad58

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
109 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSPuM2VZxYy2DM-yZcTNRYsxPQ9m6egpXuU-b71gJRdlquXGDEo16LUGEEo6yGz_f6VEFpE_WbTt_v-t3LN3EhZKgR6GJPbw&sig=Cg0ArKJSzKVYtH1QvBozEAE&adk=2664609930&tt=-1&bs=1600%2C1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&p=0,0,600,1600&mcvt=1011&rs=0&ht=0&tfs=17&tls=1028&mc=1&lte=1&bas=0&bac=0&met=mue&la=1&avms=geo&md=2&btr=0&lm=2&rst&dlt&rpt&isd&msd=0&ext&xdi=0&ps=1600%2C600&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-12-10-10-0-0-0&tvt=1018&r=v&id=osdim&vs=4&uc=11&upc=0&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=20&v=20200612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5485624796433469&output=html&h=600&slotname=9313034322&adk=2664609930&adf=2175242420&w=300&lmt=1592203023&psa=1&guci=2.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fzengin.ajtw.net%2F&flash=0&wgl=1&dt=1592203023499&bpp=3&bdt=477&idt=282&shv=r20200609&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=638x280%2C336x280&correlator=8134720798721&frm=20&pv=1&ga_vid=1320753588.1592203024&ga_sid=1592203024&ga_hid=698032692&ga_fc=0&icsg=535208&dssz=15&mdo=0&mso=0&u_tz=540&u_his=18&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=0&u_nmime=0&adx=852&ady=429&biw=1349&bih=651&scr_x=0&scr_y=0&eid=21060548%2C26835106&oid=3&pvsid=2464756739182582&pem=255&ref=http%3A%2F%2Fzengin.ajtw.net%2Fsm.php&rx=0&eae=0&fc=896&docm=11&brdim=0%2C77%2C-8%2C-8%2C1366%2C%2C1382%2C744%2C1366%2C651&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=1&ifi=3&uci=3.vyqf7di85h1z&xpc=dn5ODEPczl&p=http%3A//zengin.ajtw.net&dtd=323
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 05:17:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.redintelligence.net/	1970-01-19 12:27:40	Name: 8lcfmzhxc8d6_uid Value: 5536cb3b42e370ba
			.doubleclick.net/	1970-01-19 19:39:40	Name: IDE Value: AHWqTUmisc18Y53-g-DJHpyIZ-Pl296Nhy-lfzQ0Bm6a7Zwad0E41YeB_koUr_ET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900025.redintelligence.net
pagead2.googlesyndication.com
pixel.mathtag.com
tags.mathtag.com
tpc.googlesyndication.com
www.googletagservices.com
138.201.84.245
138.201.84.252
185.29.134.233
2.18.233.201
2a00:1450:4001:802::2001
2a00:1450:4001:81c::2002
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20368f111c3d36cb93392f457416b161d2ef458651621913bb65f592eb9d6659
23d934e7e90d8ae4808cda2eced7e23b9dd9155bbec60699a1758a9596c5d39e
514a5fa135c927a6bdd508fcb46643b2bb31ed063eb77e4387b82ec87af2ad58
5d1fe18b6208dd9773255a3a4b0c4bf86797cb8b1141763fe8ee3f28fc3dae78
6d97af1a5825b8d833f6a54c2a97b117f0e58adf4d96b70a4521fcd4bdb3aed7
7d2d1f9c78d8c0755bb8830fd20121d6d05c949c89b20536a89b6643f748c600
961fec356326dc582ad3eb30f75f2728df9eed5062bfdf0b78b655865d5b3859
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d928a8c9bf1e2358c7374ecbc3efe59d0a919dc52b392d6afad4424b3eda58ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

googleads.g.doubleclick.net Open in urlscan Pro 2a00:1450:4001:81c::2002 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

100 %HTTPS

33 %IPv6

5 Domains

8 Subdomains

7 IPs

3 Countries

45 kBTransfer

109 kBSize

2 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

googleads.g.doubleclick.net Open in urlscan Pro
2a00:1450:4001:81c::2002 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

45 kB
Transfer

109 kB
Size

2
Cookies

13 HTTP transactions
1 data transactions