ymaillogin.net Open in urlscan Pro
18.158.98.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ymaillogin.net/
Effective URL:
https://ymaillogin.net/
Submission: On July 08 via manual (July 8th 2022, 6:41:32 pm UTC) from IN — Scanned from DE

Summary HTTP 226 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 41 domains to perform 226 HTTP transactions. The main IP is 18.158.98.109, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is ymaillogin.net.
TLS certificate: Issued by R3 on June 7th 2022. Valid for: 3 months.

This is the only time ymaillogin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	18.158.98.109 18.158.98.109	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
16	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:c800:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 15	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:223... 2600:9000:223f:fe00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
3 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	195.209.111.19 195.209.111.19	52007 (ADRIVER-AS) (ADRIVER-AS)
2 2	64.74.236.255 64.74.236.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	54.64.231.104 54.64.231.104	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	141.95.98.71 141.95.98.71	16276 (OVH) (OVH)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	3.122.82.31 3.122.82.31	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
8	35.157.236.110 35.157.236.110	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	() ()
8	104.22.69.131 104.22.69.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	151.101.66.137 151.101.66.137	() ()
226	41

43 18.158.98.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

ymaillogin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:c800:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.206.240 (Singapore) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.16.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:fe00:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.36 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.19 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.255 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.231.104 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-231-104.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.82.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-82-31.eu-central-1.compute.amazonaws.com

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.157.236.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (None, )

ASN- ()

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	568 KB
43	ymaillogin.net 1 redirects ymaillogin.net	142 KB
41	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	376 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	196 KB
10	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
9	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 4121 cd.connatix.com — Cisco Umbrella Rank: 3762 cds.connatix.com — Cisco Umbrella Rank: 3876 ins.connatix.com capi-tier-1-us-east-2.connatix.com Failed img.connatix.com	464 KB
8	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 5711	974 B
8	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1299	897 B
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	43 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	4 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	49 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 7751	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	170 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 307 fonts.googleapis.com — Cisco Umbrella Rank: 71 imasdk.googleapis.com Failed	34 KB
3	ezoic.com pb-server.ezoic.com — Cisco Umbrella Rank: 8375	1 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 2244	955 B
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 7045	8 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 534	1 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 659	880 B
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 5503	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1029 pixel.quantserve.com — Cisco Umbrella Rank: 443	10 KB
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1220	210 B
1	pubmatic.com hbopenbid.pubmatic.com	115 B
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 744	312 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 820	361 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	1 KB
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 2074	711 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 3185	44 B
1	adriver.ru 1 redirects ssp.adriver.ru — Cisco Umbrella Rank: 14142	340 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 587	191 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589	350 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 612	539 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2942	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	416 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 991	428 B
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 10048	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
1	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 8565	98 KB
0	omnitagjs.com Failed hb-api.omnitagjs.com Failed
226	41

	Domain	Requested by
43	ymaillogin.net	1 redirects ymaillogin.net
31	tpc.googlesyndication.com	ymaillogin.net googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
17	pagead2.googlesyndication.com	ymaillogin.net pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	cm.g.doubleclick.net	4 redirects 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com googleads.g.doubleclick.net
15	securepubads.g.doubleclick.net	ymaillogin.net securepubads.g.doubleclick.net cd.connatix.com
10	s0.2mdn.net	ymaillogin.net s0.2mdn.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com ymaillogin.net googleads.g.doubleclick.net 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
8	prebid.smilewanted.com	go.ezodn.com
8	btlr.sharethrough.com	go.ezodn.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net go.ezodn.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	2 redirects tpc.googlesyndication.com 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	cds.connatix.com	cd.connatix.com
4	www.googletagservices.com	googleads.g.doubleclick.net 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
4	484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	pb-server.ezoic.com	go.ezodn.com
3	an.yandex.ru	2 redirects
3	www.gstatic.com	484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
3	fonts.googleapis.com	484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com tpc.googlesyndication.com
3	api.fouanalytics.com	ymaillogin.net api.fouanalytics.com
2	googleads4.g.doubleclick.net	ymaillogin.net
2	b1sync.zemanta.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	s.ad.smaato.net	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	sync.mathtag.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	capi.connatix.com	ymaillogin.net cd.connatix.com
1	img.connatix.com
1	ins.connatix.com	cd.connatix.com
1	prebid.a-mo.net	1 redirects
1	hbopenbid.pubmatic.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	onetag-sys.com	go.ezodn.com
1	cd.connatix.com	1 redirects
1	id5-sync.com
1	sync.inmobi.com	1 redirects
1	cc.adingo.jp	484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
1	ssp.adriver.ru	1 redirects
1	pixel-sync.sitescout.com	484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
1	rtb.openx.net	484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.quantserve.com	ymaillogin.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	ymaillogin.net
1	go.ezoic.net	ymaillogin.net
1	www.googletagmanager.com	ymaillogin.net
1	go.ezodn.com	ymaillogin.net
1	ajax.googleapis.com	ymaillogin.net
0	imasdk.googleapis.com Failed	cd.connatix.com
0	capi-tier-1-us-east-2.connatix.com Failed	cd.connatix.com
0	hb-api.omnitagjs.com Failed	go.ezodn.com
226	56

This site contains links to these domains. Also see Links.

Domain
silktide.com
mail.yahoo.com
apps.apple.com
play.google.com
login.yahoo.com
www.ezoic.com
generatepress.com

Subject Issuer	Validity	Valid
ymaillogin.net R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.ezoic.com Amazon	`2021-09-29` - `2022-10-28`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://ymaillogin.net/
Frame ID: 88EA1BAEF144F42A35DB26286F3DAFFC
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html
Frame ID: 383CF48988BE7EC4FE02A1ADCB57F9BF
Requests: 1 HTTP requests in this frame

Frame: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 561CFF104BB1C8E395798EA3A286830D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1384140828274880&output=html&h=250&adk=4030285474&adf=1072239391&w=336&lmt=1657305686&rafmt=12&psa=0&channel=3055233477&format=336x250&url=https%3A%2F%2Fymaillogin.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657305686541&bpp=1&bdt=224&idt=411&shv=r20220630&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&correlator=1932962382192&frm=20&pv=2&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068196%2C31068332%2C42531605&oid=2&pvsid=369371293406740&tmod=1010348972&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mM%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YrlFzRlZ2l&p=https%3A//ymaillogin.net&dtd=429
Frame ID: 5AD7010AB0950628B411A4A311CE1D98
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html
Frame ID: D9C711BD83F234A896461EAD55E94F04
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cfyv0V3rIYqHZAsLmxwKNwr-4CvaJoedqvMHqyM0P3Iz1ltAwEAEg_Ie8e2CVAqABh4mUjwHIAQmpArUdjJfVBLE-qAMByANIqgTdAU_QKUEk6Yto6ZqvZ04_y0MYt3IBIm9ISO9FSwTle1HEUrAqREu37Bux8cELHQ5wD0ftUuQHV_rHfecDSbLEvZvkGahsCteuKe2-xwOcRGKr5Q3HR8zuB_vFFoA53Go5POwLMinHH-FjDaOsUn0T2P4UBatd-TTmPBVJBbeT21KXXw1Ag0JpguaMhci2uHyAsVDSjJWA7xgG5u_eXgm7S3Xo19vLk3KItLMGCqADS_Sk_vGnNUe6isAp9LHziDrL3tXD8iQxdm81QqP2bzCTG2HYMIJy9qflK17HwOGNwAS-7vuB6wOSBQQIBBgBkgUECAUYBKAGLoAH4fbr8AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDW1RrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAogUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzg0MTQwODI4Mjc0ODgwGAA&sigh=0GkQMSU2X58&uach_m=[UACH]&cid=CAQSGwCNIrLMOrLAxxaw5R-UH-eA7R5kFOWbkzvYuRgB&template_id=419
Frame ID: E244A98C208F50F1E08F1164473AC167
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 35E707B9B4A29EC638F379381061A04D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88AB6EB10CB9064AB2EBAE6AB5613658
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93C45C53917690021FA06BDBB3CBFE50
Requests: 2 HTTP requests in this frame

Frame: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E4366173EB93CFD3DFDB0266C727C96C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0678B5360EB94AC8A44DD92DCA6B321F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 11D35E803D40C9AFF7726024C46AE1A8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0FDC3828049742D40391CA0DBDFC6294
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
Frame ID: CD611C5D9C1C7B7EE34AFB7C7CA375EB
Requests: 1 HTTP requests in this frame

Frame: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8EEF48C430595D9833ABDBF4BC5E7DB3
Requests: 15 HTTP requests in this frame

Frame: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA373BB85A59DF3F05365702A03213BA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNUGcupTZc-XV5lGAJ0xJGHzeLsg5ahVNvAyl1ovq5ENeVB48HGYuSvvA-n6gEx0HI4sXj_FL9UkaaB0NUY_QqMHRgmtx-M-Ez0JAfRBHjFtSEmFJA1FcFgfViXD0KfWQa54eDzqbdk17wEAtVNdFiT6ICLo4umbYniqpBmpRU-KiTwRmuPEebJhquPsa4co2cpyNqg94ECr9pyCYD5HwvwAoiRYYg
Frame ID: FA33F50C85947D2FA865BF44D0D388FA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html
Frame ID: 64D45AED687FCC7DD4022F7F4C4F7CB0
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A13D4D6314C9B55381DC4491F4D73CD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 33E34B7A0BE37C53C86EC2BD03CD891F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
Frame ID: 061415C61488A2B28B719F456A59C6CD
Requests: 9 HTTP requests in this frame

Frame: https://cds.connatix.com/p/169408/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: E7FA8B7B7AED1CB98F4221F765BE00FF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Everything about Yahoo Mail - Ymail Login

Page URL History Show full URLs

http://ymaillogin.net/ HTTP 301
https://ymaillogin.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

226
Requests

90 %
HTTPS

48 %
IPv6

41
Domains

56
Subdomains

41
IPs

9
Countries

2225 kB
Transfer

6401 kB
Size

46
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: http://mail.yahoo.com/
Title: https://mail.yahoo.com/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/yahoo-mail-organized-email/id577586159
Title: Yahoo Mail App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yahoo.mobile.client.android.mail&hl=en
Title: Yahoo Mail App

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/account/create
Title: Yahoo’s official website

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ymaillogin.net/ HTTP 301
https://ymaillogin.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHFK77Hd_carWBVkfnZbnWs&google_cver=1&google_push=ARnp8GC2fS_0w8ZJyzsXgxi6BwoQ8RvOES4jIKiMplpCTzzcE08ByPZuKF_NCr8Jjhs0J1BHqqEYWihcnhosFl_g-eUtpJ4jGv676g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GC2fS_0w8ZJyzsXgxi6BwoQ8RvOES4jIKiMplpCTzzcE08ByPZuKF_NCr8Jjhs0J1BHqqEYWihcnhosFl_g-eUtpJ4jGv676g

Request Chain 104

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFoBcUBlYTbP50vwRXjjr1Y&google_cver=1&google_push=ARnp8GAH3rItth8KnOBB8BUx5AuT_E47umVShCoCXaXan9uGKWATAG0ds2TZWJbLeiTjOLPQjQA9X7Ef7Ub9vfeVfAZA-NNRiwU7Hg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFoBcUBlYTbP50vwRXjjr1Y&google_push=ARnp8GAH3rItth8KnOBB8BUx5AuT_E47umVShCoCXaXan9uGKWATAG0ds2TZWJbLeiTjOLPQjQA9X7Ef7Ub9vfeVfAZA-NNRiwU7Hg

Request Chain 105

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENtFc6GMUJnqCGd-WOlMAm0&google_cver=1&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrLa1Zz9FIRC4kaFXi2XXuw HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENtFc6GMUJnqCGd-WOlMAm0&google_cver=1&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrLa1Zz9FIRC4kaFXi2XXuw&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrLa1Zz9FIRC4kaFXi2XXuw&google_hm=

Request Chain 107

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEOmGLbdwU_9nsn6snvVVWc&google_cver=1&google_push=ARnp8GBThqT55Ohg8rKucg8jEKTyfuq6GtQSbUdJXeiokFgryL67BIZtcgSjJQktkzacNzjjilGMekOTjwppSzOOGKFi7cBsi91U-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GBThqT55Ohg8rKucg8jEKTyfuq6GtQSbUdJXeiokFgryL67BIZtcgSjJQktkzacNzjjilGMekOTjwppSzOOGKFi7cBsi91U-w

Request Chain 108

https://an.yandex.ru/mapuid/google/CAESEDvlgU60qO66tE0HTRaqp_U?ext-param=ARnp8GAMZw00YTuQl5SCMv5UcV_vxpZIl7uQh4le2MQBJ2zvmaakYy6AC3-h6l5l9N038Mq4vU3mO-cRzqbt-cfe-DPGwZwz6X597w&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEDvlgU60qO66tE0HTRaqp_U?redir-setuniq=1&ext-param=ARnp8GAMZw00YTuQl5SCMv5UcV_vxpZIl7uQh4le2MQBJ2zvmaakYy6AC3-h6l5l9N038Mq4vU3mO-cRzqbt-cfe-DPGwZwz6X597w&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDvlgU60qO66tE0HTRaqp_U&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1&C=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysh6W2eSkhQhCedGIwf4-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7ICtxGeezqux4gsGLM1IE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7ICtxGeezqux4gsGLM1IE%26google_cver%3D1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3MjAwMjY4MzkzNjc5MDU0NQ%3D%3D

Request Chain 157

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHFK77Hd_carWBVkfnZbnWs&google_cver=1&google_push=ARnp8GAQdoyw60dVznYTSY1exBPIiJYRdqV11jL_QRA7xmuUezkERCB5XN6pjZhyJ0Dm2iD5YpB-9yxdcElwpqSR58G-M4dop83S HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=wchiyHpZRAC6q9_8UHtyBA&google_push=ARnp8GAQdoyw60dVznYTSY1exBPIiJYRdqV11jL_QRA7xmuUezkERCB5XN6pjZhyJ0Dm2iD5YpB-9yxdcElwpqSR58G-M4dop83S

Request Chain 159

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEH8XzbvtECqQRfGiHnLRXG8&google_cver=1&google_push=ARnp8GCEZoAf70fFTcPnUkIfb72TelVgy2-15a6yRT6Gzb18h8tcA_qAE58nAy71FTELtHLFh4Mm8MyiIs9KO-I45aK4otciNlhp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GCEZoAf70fFTcPnUkIfb72TelVgy2-15a6yRT6Gzb18h8tcA_qAE58nAy71FTELtHLFh4Mm8MyiIs9KO-I45aK4otciNlhp&google_hm=QUhIM0QtSDBZSXo4X2R4ZlVWaENKenc=

Request Chain 160

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEM2MO05lywT0HKk3lm_EQJ8&google_cver=1&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1ADjjJasKeE0tnSfL0 HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEM2MO05lywT0HKk3lm_EQJ8&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1ADjjJasKeE0tnSfL0&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1ADjjJasKeE0tnSfL0&google_hm=Y0dCTnJjM01QZWNXMVJMa3Z1QTA=

Request Chain 161

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEOmGLbdwU_9nsn6snvVVWc&google_cver=1&google_push=ARnp8GDNffd9lEkeLuOz9elEVmBBju8-82i_P4C7UKSxsFNT6yj7aZ8AoG7v7n702Bh_BfJU_f1w8yB4zAooRPqiMpa-0p2jTcJJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDNffd9lEkeLuOz9elEVmBBju8-82i_P4C7UKSxsFNT6yj7aZ8AoG7v7n702Bh_BfJU_f1w8yB4zAooRPqiMpa-0p2jTcJJ

Request Chain 163

https://sync.inmobi.com/gob?google_gid=CAESENklji2CByeVT3yqbRX1psY&google_cver=1&google_push=ARnp8GCRERW6SQh6WW1XhLKlrlewHUYq43v7Mv798Pk0yMq_4cfYBIEQgHUjTJq-UZTXQ1ImOkMCM2LjrEDWjR6jIuwhUBwo2-lR HTTP 302
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GCRERW6SQh6WW1XhLKlrlewHUYq43v7Mv798Pk0yMq_4cfYBIEQgHUjTJq-UZTXQ1ImOkMCM2LjrEDWjR6jIuwhUBwo2-lR&gdpr_consent=&gdpr=

Request Chain 185

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
https://cds.connatix.com/p/169408/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Request Chain 209

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=4a19d3e3-8601-49d3-933e-416888a20e56&gdpr=&gdpr_consent=&us_privacy=

226 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ymaillogin.net/
Redirect Chain

http://ymaillogin.net/
https://ymaillogin.net/

167 KB
35 KB

513ms
455ms

Document
text/html

18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

a6eeb792a60d78b85c511c74d797e0e3b2f35fcdf096ae56d06c1fd2968889cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 18:41:26 GMT
display: pub_site_sol
expires: Thu, 07 Jul 2022 18:41:26 GMT
link: <https://ymaillogin.net/wp-json/>; rel="https://api.w.org/", <https://ymaillogin.net/wp-json/wp/v2/pages/1809>; rel="alternate"; type="application/json", <https://ymaillogin.net/>; rel=shortlink
pagespeed: off
response: 200
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent
x-ez-minify-html: 5.34% 171103 / 180747
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;mm;2840843e614b9777cb810f2b794ae2a8;2-259039-31;9fe34af9-8f98-4d37-72d1-477ed7bc546a
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control
x-powered-by: PHP/7.4.26
x-sol: pub_site
x-turbo-charged-by: LiteSpeed
x-ua-compatible: IE=edge

Redirect headers

Cache-Control: public, max-age=2592000
Content-Length: 623
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html
Date: Fri, 08 Jul 2022 18:41:25 GMT
Display: staticcontent_sol
Location: https://ymaillogin.net/
Pagespeed: off
Response: 301
Server: nginx
Vary: Accept-Encoding User-Agent,Origin,Accept-Encoding
X-Ez-Minify-Html: 11.88% 623 / 707
X-Ez-Proxy-Out: true 2.3
X-Ezoic-Cdn: Hit ds;mm;be969c031f925309f741c1e7bf7cce35;2-259039-31;4e99ef23-4c18-426d-6699-26e3018da07c
X-Middleton-Display: staticcontent_sol
X-Middleton-Response: 301
X-Origin-Cache-Control
X-Sol: pub_site
X-Turbo-Charged-By: LiteSpeed

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 12:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 12:33:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 140ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f37cb0cd199aad82abda3d8a3a9cacdb3fbfbf2583f1fd461a03a56922e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Origin: https://ymaillogin.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56411
x-xss-protection: 0
server: cafe
etag: 12240407207921749417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 18:41:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 97ms
35ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

d35de65c2878a10c1945fceb57a32346606d0225fca6bc1d9a801ab1dad60b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28102
x-xss-protection: 0
server: sffe
etag: "1268 / 426 of 1000 / last-modified: 1657295190"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Jul 2022 18:41:26 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 333 KB
98 KB 95ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff710c2e6e1889c23e3ff5884bb3bb3dddf617a46e1ec1fd929fa4bcb94c3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Jun 2022 18:37:40 GMT
server: cloudflare
age: 1469026
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAcdIgrSQVFyXVX6lURZmOOGiX3jV6eTqQf3cqshseiFh78ikBPHrCCNbiyhK6dioiV4svmMlhoBhrLJLixwMnTl5hkVL7PuVEcYvylByYehZTzUhCxWLx8IcxpFLtyy6Fl6G%2Fr9W7ZafSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727af43bef8a693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
ymaillogin.net/wp-includes/css/dist/block-library/ 9 KB
2 KB 63ms
62ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ymaillogin.net/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

538a8ff1efcfd23c58a4e102ea4551d21eb72b046e10190fa3da92d997546016

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "145db-624ce97e-67ec34570967f885;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;87048c654dc2deedc2b2cbb6d9b6de3a;2-259039-31;e5aebab0-ba5e-4ea2-74e0-019055df7769
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1593
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 widget-areas.min.css
ymaillogin.net/wp-content/themes/generatepress/assets/css/components/ 2 KB
739 B 38ms
36ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ymaillogin.net/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f19b386d1db7432eda631fe231e05332af0e4a2774a5e9b99c13a25f873c57d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "d1e-623f3dec-aeb8e4c10dfef069;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;1d7a1155d37677f06beb7b5e7fee497e;2-259039-31;d009cae1-c3d3-4b40-4411-20b3f109f0d5
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 476
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 main.min.css
ymaillogin.net/wp-content/themes/generatepress/assets/css/ 15 KB
4 KB 110ms
109ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ymaillogin.net/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7cb23295b64d9ea81f495636a28be051dd35e8bee7bf469b33c1f377e2a42f7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "4c36-623f3dec-8d5fdcbc67b018b9;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;1cd27380a9cd91743d2d31f39e898ef1;2-259039-31;0eb83594-304d-4e69-7705-86910207c43b
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3455
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 default.min.css
ymaillogin.net/wp-content/plugins/tablepress/css/ 2 KB
1 KB 69ms
68ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ymaillogin.net/wp-content/plugins/tablepress/css/default.min.css?ver=1.14&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0f657b4c9a6da3cc834bcb59c47956186b50507263488ad9d3412d72924fff89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "13e4-623f4084-47286901c0a7cbae;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;2c3b65ec7c4cc1eaf3eb5cec5bc4c133;2-259039-31;82885ed4-1665-4c8f-4129-10bfc4f71aa7
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1148
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 88ms
37ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156561478-1

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

809a245f9ce120fa13e2778e40c344cba66b787f0019b6b0dad54f4bb5eb5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40349
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jul 2022 18:41:26 GMT

GET
H2 200 cookieconsent.min.js Show response
ymaillogin.net/ezoic/ 4 KB
2 KB 31ms
30ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/ezoic/cookieconsent.min.js
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
etag: "11a4-5e32bc8b5a680-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 1707
expires: Sat, 08 Jul 2023 18:41:26 GMT

GET
H2 200 menu.min.js Show response
ymaillogin.net/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 56ms
55ms Script
application/x-javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ymaillogin.net/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "1b1c-623f3dec-3998e76937e29af5;gz-gzip"
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;cd7591dd21d598a27a82c794d065e03b;2-259039-31;88ef49fa-3d2f-4916-441b-cdbce2271256
x-middleton-display: staticcontent_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1518
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/x-javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.00% 6940 / 6940
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 init-1632lqsy2s4fklqsvsii.js Show response
api.fouanalytics.com/api/ 475 B
962 B 269ms
210ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cb6d1f95e48c4769aaef4fb20d9244b5af3261cde7aba6e9e44f5118ca9b9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hh8ZQNNkg9%2BF1gY%2BeX%2FPPqLRgF5edXrkKWlcLETlC4o9YbtJWo8XVZEMNzx0SX%2F%2BwwvvYzoIhi1oyXLTZ7HWgazE1iS6V1b83JCzRhAfJsRm09Q1y4TpEnRXd%2FX%2Flna8yZ8UWb2Y77wL6ncBgcFUjcy7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 727af43cab5191d8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 banger.js Show response
ymaillogin.net/porpoiseant/ 54 KB
12 KB 30ms
29ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/banger.js?cb=195-0&bv=123&v=61&PageSpeed=off
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4d3d41ba4b1025341fdd77230efd3257e64fc2719e93824633cf30203db0b3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 cmbv2.js Show response
ymaillogin.net/detroitchicago/ 92 KB
26 KB 43ms
42ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5df1a7da21176a5d05be215757d963449179a96bb94521f112ab23a6bfb37fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b6b9c4408576ac4d2ee39324a96d56f7b55e307daff0e2498db6dcd956ef0c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bd34152c5a3cf0d352008b0992f33900d5d8a664accc287de02df1443256536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 26ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 13:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Jul 2023 13:38:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
115 B 80ms
33ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef4a5a857063cebdf7f370c45e2b96ac22d9299619aeb8965aca316ac377dab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Fri, 08 Jul 2022 18:41:26 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 91ms
23ms Image
image/png 2600:9000:20eb:c800:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c800:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:26:09 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-sol: middleton
age: 360919
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: vlBohcGbVMLfSdqVgV-Y6QT3lZW8mfbELrD-ez0ZGPYNAg-i38HGBQ==
last-modified: Mon, 20 Jun 2022 23:34:59 GMT
server: nginx
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C1
display: staticcontent_sol
expires: Mon, 11 Jul 2022 14:26:07 GMT

GET
H2 200 houston.js Show response
ymaillogin.net/detroitchicago/ 4 KB
1 KB 26ms
26ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/detroitchicago/houston.js?gcb=0&cb=19
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a4a8b01e50d2e38da531218860be5975e9d1ac71695edc72e3fc5afc53a6ea9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1480

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 210ms
137ms Image
application/json 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 tortoise.js Show response
ymaillogin.net/beardeddragon/ 2 KB
630 B 26ms
26ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/beardeddragon/tortoise.js?gcb=0&cb=3
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 565c527fe8f92c8a9eadddf2a0e16eb40bbff31298fc67064f090e515f882b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 597

GET
H2 200 imp.gif Show response
ymaillogin.net/detroitchicago/ 43 B
95 B 511ms
210ms XHR
image/gif 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A5%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C4%2C31%2C34%2C35%2C35%2C35%2C35%2C0%2C1%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A8%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A2%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A6%2C%22domain_id%22%3A259039%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A7%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1126%2C1132%2C1135%2C1136%2C1138%2C1138%2C1138%2C1138%2C1139%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22613f8712-af95-40e3-68a4-1cf3971271a0%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A59364%2C%22response_time_orig%22%3A5%2C%22serverid%22%3A%223.67.13.114%3A23741%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1126%2C1132%2C1135%2C1136%2C1138%2C1138%2C1138%2C1138%2C1139%22%2C%22t_epoch%22%3A1657305685%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fymaillogin.net%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A828%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Thu, 07 Jul 2022 18:41:26 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 74ms
26ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
etag: "Sy8yk7L2ihxjBP+YyKUKJg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Jul 2022 18:41:26 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 style.min.css
ymaillogin.net/wp-includes/css/dist/block-library/ 9 KB
9 KB 361ms
59ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ymaillogin.net/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "145db-624ce97e-67ec34570967f885;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;87048c654dc2deedc2b2cbb6d9b6de3a;2-259039-31;e5aebab0-ba5e-4ea2-74e0-019055df7769
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1593
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 widget-areas.min.css
ymaillogin.net/wp-content/themes/generatepress/assets/css/components/ 2 KB
2 KB 414ms
113ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ymaillogin.net/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "d1e-623f3dec-aeb8e4c10dfef069;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;1d7a1155d37677f06beb7b5e7fee497e;2-259039-31;d009cae1-c3d3-4b40-4411-20b3f109f0d5
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 476
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 main.min.css
ymaillogin.net/wp-content/themes/generatepress/assets/css/ 15 KB
15 KB 434ms
132ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ymaillogin.net/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "4c36-623f3dec-8d5fdcbc67b018b9;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;1cd27380a9cd91743d2d31f39e898ef1;2-259039-31;0eb83594-304d-4e69-7705-86910207c43b
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3455
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 default.min.css
ymaillogin.net/wp-content/plugins/tablepress/css/ 2 KB
2 KB 343ms
41ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ymaillogin.net/wp-content/plugins/tablepress/css/default.min.css?ver=1.14&ez_used_css_s=13

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "13e4-623f4084-47286901c0a7cbae;gz-gzip"
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;2c3b65ec7c4cc1eaf3eb5cec5bc4c133;2-259039-31;82885ed4-1665-4c8f-4129-10bfc4f71aa7
x-middleton-display: staticcontent_sol, orig_site_sol
date: Fri, 08 Jul 2022 18:41:26 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1148
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H2 200 cmbdv2.js Show response
ymaillogin.net/detroitchicago/ 50 KB
12 KB 333ms
32ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4y37-23y5a-21y5e-24&cmbcb=86&sj=x03x0cx18x37x5ax5e
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 471be6c2f5c1084fa5af3db05877a6c725950d5fecbb46be9f2848b0ad90096b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/ 339 KB
119 KB 100ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1384140828274880&plah=ymaillogin.net&bust=31068332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75fc743fdeb23b91eb728f24a6a261e95f3e6d0fe1c97f73c8c0e1faca57dc60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122299
x-xss-protection: 0
server: cafe
etag: 1965733721271872993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 18:41:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/ Frame 383C 10 KB
5 KB 76ms
22ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 21:11:42 GMT
etag: 10429905676100781186
expires: Thu, 21 Jul 2022 21:11:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nmash.js
ymaillogin.net/porpoiseant/ 24 KB
6 KB 329ms
28ms Other
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/nmash.js?v=123
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9985c301f7885d96399ac119bc6d467c238fb7274a1f6cd39ff36521b696c3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
etag: "6112-5e32bc8b5a680;5e32bc8b5a680-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 logo-272X90.png
ymaillogin.net/wp-content/uploads/2022/03/ 3 KB
4 KB 346ms
45ms Image
image/webp 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ymaillogin.net/wp-content/uploads/2022/03/logo-272X90.png?ezimgfmt=rs:272x90/rscb1/ng:webp/ngcb1
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 75c84c2ede0497e8eaaa80a3b296d91df4e7cf0509f6b25645a9240cc0ca620a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
display: staticcontent_sol
x-amzn-requestid: 5fcb81aa-5c4e-4d17-8d6c-ee550bbb00ab
x-ezoic-cdn: Hit ds;mm;8e461ca8faebd55fd8eab044ae9e7fb4;2-259039-31;d5e069c6-64f3-4051-490b-bdf6c662fa7a
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-62bf2346-4edbb49c40ce31636a967ba0;Sampled=0
x-middleton-response: 200
x-amz-apigw-id: UmJzEHFFIAMF2Qg=
content-length: 3568
response: 200
server: nginx
x-origin-cache-control
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 7j72Br5ItY_OvwkEmuNkRrCFD5KrMvui8_g4zv69A3njjye4bPlESQ==

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
428 B 72ms
24ms Script
application/javascript 2600:9000:2156:200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 20:25:49 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age: 80138
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: b3cOPuEfT0F5MGB8jrcd4i4xoAQ18YBNz91WzjFwt-ftQoT7phvo5g==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 88ms
31ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 99ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156561478-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6318
date: Fri, 08 Jul 2022 16:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Jul 2022 18:56:08 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
139 B 324ms
24ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTc5MzQwOTM0NzE1NTQzOSIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjQ0In1dLCJpc19vcmlnIjowfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:27 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
19 B 325ms
25ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTc5MzQwOTM0NzE1NTQzOSIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJhZHNlbnNldHlwZSIsInZhbCI6IjEifV0sImlzX29yaWciOjB9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:26 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 325ms
24ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDExNDU5MDQ0OTExNDEwOSIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEzOSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjQ0In1dLCJpc19vcmlnIjowfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:26 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
19 B 326ms
25ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDExNDU5MDQ0OTExNDEwOSIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEzOSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJhZHNlbnNldHlwZSIsInZhbCI6IjEifV0sImlzX29yaWciOjB9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:26 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 464 B
277 B 495ms
494ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=2700724344763103&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=1144603186&sfv=1-0-38&ecs=20220708&fsapi=false&prev_scp=a%3D%257C251%257C%26iid1%3D3047334909086730%26eid%3D3047334909086730%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dymaillogin_net-medrectangle-2-3047334909086730%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D400%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1657305686699&lmt=1657305686&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

62ec8b14109825f4ffc6f3dc1b905a8d8370ccf9789aaf591c7a39025fbbd5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 561C 6 KB
4 KB 134ms
34ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 18:41:26 GMT
expires: Sat, 08 Jul 2023 18:41:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1837377626;labels=Domain.ymaillogin_net%2CDomainId.259039;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fymaillogin.net%2F;uht=2;fpan=1;fpa=P0-270941495-1657305686712;pbc=;ns=0;ce=1;qjs=1;qv=623f...
pixel.quantserve.com/ 35 B
372 B 26ms
26ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1837377626;labels=Domain.ymaillogin_net%2CDomainId.259039;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fymaillogin.net%2F;uht=2;fpan=1;fpa=P0-270941495-1657305686712;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220628170050;cm=;gdpr=0;ref=;d=ymaillogin.net;dst=0;et=1657305686712;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.Everything%20about%20Yahoo%20Mail%20-%20Ymail%20Login%2Cdescription.Still%20can't%20log%20in%3F%20Get%20More%20Detailed%20Instruction%20and%20Tips%20on%20%22Yahoo%20Mail%20Login%20%2Curl.https%3A%2F%2Fymaillogin%252Enet%2F%2Csite_name.Ymail%20Login

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 60ms
31ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e5c6c793e1605905735480e28ebc646d67e6d96116869c371797bdfdd92c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 14:22:04 GMT
server: cloudflare
age: 3072
etag: W/"62bdb18c-3bb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg9cbMDGbxRevt3oDsszC1CIz2HmXCetVmyB3DdUgj0%2FBK5izTAQXPswdEsTx9x0SFEwQAOiigyt78IWuSMIWj1pqZVqdRO088GquiDLznd6rU7edYYoXO4SIZMFezHENuR18PN1UDghShDbJkSqPvxnBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727af43e59e39110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 73ms
28ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1237728289&t=pageview&_s=1&dl=https%3A%2F%2Fymaillogin.net%2F&ul=en-us&de=UTF-8&dt=Everything%20about%20Yahoo%20Mail%20-%20Ymail%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=677543592&gjid=216767903&cid=516299598.1657305687&tid=UA-156561478-1&_gid=1809713879.1657305687&_r=1&gtm=2ou6t0&z=810041741

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
416 B 49ms
34ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ymaillogin.net&callback=_gfp_s_&client=ca-pub-1384140828274880

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1384140828274880&plah=ymaillogin.net&bust=31068332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

34a37ff86f176a3175e1fbdb7f15e17974ebd486cf4edca7fc88a99c86908dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 79ms
32ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ymaillogin.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 81ms
34ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ymaillogin.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5AD7 127 KB
41 KB 422ms
376ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1384140828274880&output=html&h=250&adk=4030285474&adf=1072239391&w=336&lmt=1657305686&rafmt=12&psa=0&channel=3055233477&format=336x250&url=https%3A%2F%2Fymaillogin.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657305686541&bpp=1&bdt=224&idt=411&shv=r20220630&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&correlator=1932962382192&frm=20&pv=2&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068196%2C31068332%2C42531605&oid=2&pvsid=369371293406740&tmod=1010348972&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mM%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YrlFzRlZ2l&p=https%3A//ymaillogin.net&dtd=429

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e18a6f2e50bbb307b883d5d16cbe135154c09bb9bdf6e626b2f30bf36ee869f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COHgiub46fgCFULzUQodDeEPpw&gqi=V3rIYvmTAvGQ9fgP-_KBoAQ&layout=/sadbundle/%24csp%253Der3%24/4215074129644307784/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41953
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COHgiub46fgCFULzUQodDeEPpw&gqi=V3rIYvmTAvGQ9fgP-_KBoAQ&layout=/sadbundle/%24csp%253Der3%24/4215074129644307784/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 18:41:27 GMT
expires: Fri, 08 Jul 2022 18:41:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
310 B 779ms
779ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=1750878010849237&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-box-2%2Cymaillogin_net-box-1%2Cymaillogin_net-large-billboard-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=250x250%2C300x250%2C320x50%7C250x250%7C120x240%7C125x125%7C200x200%7C180x150%7C234x60%7C336x280%7C300x250%7C320x50%7C320x100&fluid=0%2C0%2Cheight&ifi=4&adks=3298124376%2C347099499%2C3285869728&sfv=1-0-38&ecs=20220708&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D7700763979086073%26eid%3D7700763979086073%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1132%26sap%3D1132%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dymaillogin_net-box-2-7700763979086073%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D400%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%7Ca%3D%257C5%257C%26iid1%3D1991440089114027%26eid%3D1991440089114027%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1135%26sap%3D1135%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dymaillogin_net-box-1-1991440089114027%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D400%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%7Ca%3D%257C2%257C%26iid1%3D856839555128145%26eid%3D856839555128145%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1136%26sap%3D1136%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dymaillogin_net-large-billboard-2-856839555128145%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D500%26br2%3D240%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3456%2C3457%2C3458%2C3460&eri=1&sc=1&cookie=ID%3D4742e2189463e55c-228c6ea9c7cd005a%3AT%3D1657305686%3ART%3D1657305686%3AS%3DALNI_Mb41Kd-V3U_ep3hr5tXIoKc6I2BEA&abxe=1&dt=1657305687025&lmt=1657305687&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=485%2C1080%2C1080&adys=150%2C192%2C733&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=820x250%7C300x264%7C336x294&msz=250x250%7C300x250%7C336x280&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=0%7C0%7C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ff2837d2bc293f8f3d6d054be602f207cce3ef0bb584d40fc1aec16c4c4341bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 280
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 x Show response
api.fouanalytics.com/api/ 0
524 B 250ms
222ms XHR
text/plain 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?FlfUYvIH91bzX7Mf$dXJsJDAkaHR0cHM6Ly95bWFpbGxvZ2luLm5ldC8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkZXZpY2VNZW1vcnkkMSQ4IiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQ0IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkV2luMzIiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDEkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMSQiLCJuYXZpZ2F0b3ItaGFzaCQ1JDA1ZDhjZjY4IiwibmF2aWdhdG9yLXRpbWUkNSQzLjkiLCJzZW5kQmVhY29uJDUkMSIsImZvbnRyZW5kZXIkMTUkMSIsInRpbWUkMTUkMTY1NzMwNTY4NjgxMiIsInRpbWV6b25lJDE1JDAiLCJwbHVnaW5zLXRpbWUkMTUkMC4xIiwicGx1Z2lucyQxNSRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkMTYkMTguMiIsIm1lbS11c2VkSlNIZWFwU2l6ZSQxNiQxNC4zIiwibWVtLWpzSGVhcFNpemVMaW1pdCQxNiQzNzYwIiwidGltZS1mZXRjaFN0YXJ0JDE2JDg4IiwidGltZS1kb21haW5Mb29rdXBTdGFydCQxNiQ4OCIsInRpbWUtZG9tYWluTG9va3VwRW5kJDE2JDg4IiwidGltZS1jb25uZWN0U3RhcnQkMTYkODgiLCJ0aW1lLWNvbm5lY3RFbmQkMTYkMTQ1IiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkMTYkMTExIiwidGltZS1yZXF1ZXN0U3RhcnQkMTYkMTQ1IiwidGltZS1yZXNwb25zZVN0YXJ0JDE2JDYwMSIsInRpbWUtcmVzcG9uc2VFbmQkMTYkNjI0IiwidGltZS1kb21Mb2FkaW5nJDE2JDYwNCIsInRpbWUtZG9tSW50ZXJhY3RpdmUkMTYkODAxIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQxNiQ4MDEiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQxNiQ4MDIiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkMTYkMCIsIm5hdmlnYXRpb24tdHlwZSQxNiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQyOCQwLjciLCJnbG9iYWxzJDI4JDY4YjBmOTFjIiwiZG9jdW1lbnQtdGltZSQzOCQwLjciLCJkb2N1bWVudCQzOSQxYTk3OTU4ZSIsImNvbm5lY3Rpb24kNDAkIiwiZG93bmxpbmtNYXgkNDAkIiwiZ2V0VXNlck1lZGlhJDQwJDIiLCJwYWdlLWZyYW1lLWNvdW50JDQxJDIiLCJwYWdlLWZyYW1lLWxpc3QkNDEkMHgwIzQ4NGM1YjViOWFhMDViYWUwZTM5ZTFlODQwOGY1MzFhLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20gMHgwI2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCIsInBhZ2UtaGFzaC10aW1lJDQzJDIuNCIsInBhZ2UtaGFzaCQ0MyQ0YjhhOWZiMCIsImZvbnQkNzgkMTAwMDAwMCIsInN0eWxlLWhhc2gkNzkkZTBhMjdiMDkiLCJzdHlsZS10aW1lJDc5JDAuNSIsImF1ZGlvLWNvZGVjJDc5JDIyMjEyIiwidmlkZW8tY29kZWMkNzkkMjIyMDAwIiwiY2xvY2skODQkMzkzOCIsInNvcnQkOTckMTIuNiIsInN0YWNrJDk5JDEzOTgyIiwic3RhY2stZXJyb3IkOTkkUmFuZ2VFcnJvcjogTWF4aW11bSBjYWxsIHN0YWNrIHNpemUgZXhjZWVkZWQiLCJzdGFjay10aW1lJDk5JDEuOCIsIndlYmdsJDE0NCQxIiwid2ViZ2wyJDE0NCQxIiwid2ViZ2wtdmVuZG9yJDE0NSRJbnRlbCBJbmMuIiwid2ViZ2wtcmVuZGVyZXIkMTQ1JEludGVsIElyaXMgT3BlbkdMIEVuZ2luZSIsIndlYmdsLWV4dGVuc2lvbnMkMTQ1JGM1MzgyMGZlIiwid2ViZ2wtdGltZSQxNDUkNDUuNyIsImJhdHRlcnkkMTQ3JDEgMSAwIEluZmluaXR5IiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQxNDckcHJvbXB0IiwiYXVkaW9jb250ZXh0JDE4MyRmN2U3MTJkOSIsImF1ZGlvY29udGV4dC10aW1lJDE4MyQxMDIuNyIsImZyYW1lcmF0ZSQxODQkMjAiLCJpbnRlcnNlY3Rpb24tc2l6ZSQxODUkMTYwMHgxMjAwIiwiaW50ZXJzZWN0aW9uJDE4NSQxOSIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQxODUkcHJvbXB0IiwicGVybWlzc2lvbi1jYW1lcmEkMTg1JHByb21wdCIsInBlcm1pc3Npb24tbWljcm9waG9uZSQxODUkcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkMTg1JHByb21wdCIsImFkYmxvY2skMTg2JDA~
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXKVr%2F8HeLHCRxzFNlLBE3gpr9OGX5cVXgSQAZhj8lBChCjbevFVoExpq5mOPoWh7g%2F4bq3ENR4QIPJ8kIuaYeRPJ8hMy5i0mAvyVPPmxgg0Xkw3GtNMVpjL41%2FzpQygXT13qVXwMqeBCDkFVoW1PyDriA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 727af440bd0a91fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 greenoaks.gif Show response
ymaillogin.net/detroitchicago/ 0
19 B 325ms
23ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDctMDgifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInRfZXBvY2giOjE2NTczMDU2ODUsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiODY5In1dfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:26 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/ Frame D9C7 175 KB
37 KB 83ms
30ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec8fc63c7ceea244d1f390126b2489575378699a2da32f7933a42361797f9fce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 136833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 36413
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 04:40:54 GMT
expires: Fri, 07 Jul 2023 04:40:54 GMT
last-modified: Wed, 16 Mar 2022 11:49:19 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E244 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfyv0V3rIYqHZAsLmxwKNwr-4CvaJoedqvMHqyM0P3Iz1ltAwEAEg_Ie8e2CVAqABh4mUjwHIAQmpArUdjJfVBLE-qAMByANIqgTdAU_QKUEk6Yto6ZqvZ04_y0MYt3IBIm9ISO9FSwTle1HEUrAqREu37Bux8cELHQ5wD0ftUuQHV_rHfecDSbLEvZvkGahsCteuKe2-xwOcRGKr5Q3HR8zuB_vFFoA53Go5POwLMinHH-FjDaOsUn0T2P4UBatd-TTmPBVJBbeT21KXXw1Ag0JpguaMhci2uHyAsVDSjJWA7xgG5u_eXgm7S3Xo19vLk3KItLMGCqADS_Sk_vGnNUe6isAp9LHziDrL3tXD8iQxdm81QqP2bzCTG2HYMIJy9qflK17HwOGNwAS-7vuB6wOSBQQIBBgBkgUECAUYBKAGLoAH4fbr8AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDW1RrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAogUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzg0MTQwODI4Mjc0ODgwGAA&sigh=0GkQMSU2X58&uach_m=[UACH]&cid=CAQSGwCNIrLMOrLAxxaw5R-UH-eA7R5kFOWbkzvYuRgB&template_id=419

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1384140828274880&output=html&h=250&adk=4030285474&adf=1072239391&w=336&lmt=1657305686&rafmt=12&psa=0&channel=3055233477&format=336x250&url=https%3A%2F%2Fymaillogin.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657305686541&bpp=1&bdt=224&idt=411&shv=r20220630&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&correlator=1932962382192&frm=20&pv=2&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068196%2C31068332%2C42531605&oid=2&pvsid=369371293406740&tmod=1010348972&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mM%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YrlFzRlZ2l&p=https%3A//ymaillogin.net&dtd=429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 08 Jul 2022 18:41:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Jul 2022 18:41:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame E244 21 KB
9 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1384140828274880&output=html&h=250&adk=4030285474&adf=1072239391&w=336&lmt=1657305686&rafmt=12&psa=0&channel=3055233477&format=336x250&url=https%3A%2F%2Fymaillogin.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657305686541&bpp=1&bdt=224&idt=411&shv=r20220630&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&correlator=1932962382192&frm=20&pv=2&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068196%2C31068332%2C42531605&oid=2&pvsid=369371293406740&tmod=1010348972&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mM%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YrlFzRlZ2l&p=https%3A//ymaillogin.net&dtd=429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:22:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame E244 3 KB
1 KB 79ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:34:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E244 137 KB
43 KB 88ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 18:41:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame E244 17 KB
7 KB 76ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:25:03 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 41ms
41ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
41 KB 709ms
709ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=3743953675355247&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=1417112416&sfv=1-0-38&ecs=20220708&ists=1&fas=8&fsapi=false&prev_scp=ga%3D2497208%26tap%3Dymaillogin_net-pixel1-8796830949129972%26ic%3D1%26ezoic%3D1%26bvr%3D0%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26br1%3D300%26ap%3D9999%26iid1%3D8796830949129972%26bra%3Dmod42-c&eri=1&sc=1&cookie=ID%3Da8d16c25366987fd-228c5f42c9cd000d%3AT%3D1657305686%3AS%3DALNI_MbzpHB94KKaY82TX0snOXkKjGI-7g&abxe=1&dt=1657305687517&lmt=1657305687&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3d6e744db02d954acac6f1b9bb1efdd1e8973c93b4a77b9c39956e5dc30ecdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42202
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 35ms
34ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022063001.js?cb=31068337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

ebb8e8964b5b86218a37d73f701503ff287126d5573b27c20b654bcb2f5f8044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Jul 2023 10:55:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 35E7 143 B
163 B 33ms
30ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1384140828274880&output=html&h=250&adk=4030285474&adf=1072239391&w=336&lmt=1657305686&rafmt=12&psa=0&channel=3055233477&format=336x250&url=https%3A%2F%2Fymaillogin.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657305686541&bpp=1&bdt=224&idt=411&shv=r20220630&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&correlator=1932962382192&frm=20&pv=2&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068196%2C31068332%2C42531605&oid=2&pvsid=369371293406740&tmod=1010348972&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mM%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YrlFzRlZ2l&p=https%3A//ymaillogin.net&dtd=429
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 18:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D9C7 16 KB
6 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Jul 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D9C7 26 KB
10 KB 73ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Jul 2022 16:13:42 GMT

GET
DATA 200
OK truncated
/ Frame E244 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2faf32d7620ccd1e19fd0e5a1203a31d9af925c23da00efcb2f128d931039899

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
19 B 326ms
24ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDExNDU5MDQ0OTExNDEwOSIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEzOSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjowfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 35E7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

96ms
95ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 18:41:27 GMT
expires: Fri, 08 Jul 2022 18:41:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 18:41:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame D9C7 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:10:29 GMT

GET
H3 200 SI-360_Wohngesundheit_Kreis_500x500_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/ Frame D9C7 32 KB
32 KB 24ms
23ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/SI-360_Wohngesundheit_Kreis_500x500_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8070ffcc966d6804e1f0de36c24d5666f67bc8b70c0003bd9034b68181558dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33063
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 11:49:19 GMT
server: sffe
date: Thu, 07 Jul 2022 04:02:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Jul 2023 04:02:22 GMT

GET
H3 200 SI-360_Wohngesundheit_Interieur_300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/ Frame D9C7 21 KB
21 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/SI-360_Wohngesundheit_Interieur_300x250.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1d560e45d8aa1294289023f77641f0908548dc701534883c3987f6db4b63a0d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 309701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21112
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 11:49:19 GMT
server: sffe
date: Tue, 05 Jul 2022 04:39:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jul 2023 04:39:46 GMT

GET
H3 200 SI-360_Wohngesundheit_Landschaft_300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/ Frame D9C7 22 KB
22 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4215074129644307784/SI-360_Wohngesundheit_Landschaft_300x250.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707df7b483d867af0cfa5daf5277afd2c5a37cd69dfc9250ae80457b33cd3bea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 139145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22252
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 11:49:19 GMT
server: sffe
date: Thu, 07 Jul 2022 04:02:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Jul 2023 04:02:22 GMT

GET
H2 200 dark-bottom.css
ymaillogin.net/ezoic/styles/ 3 KB
843 B 326ms
26ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/ezoic/styles/dark-bottom.css
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
content-encoding: br
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
etag: "bd7-5e32bc8b5a680-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 725

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 83ms
37ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2e5f8700f5f1d9ba4b43b2968d8843ced7d2707186ed201c6426993025535d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10690
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 18:41:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88AB 13 KB
5 KB 26ms
25ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 16:50:17 GMT
expires: Sat, 08 Jul 2023 16:50:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 93C4 783 B
534 B 78ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f0f85d91c70e4c54276de816c0b41210924bf35873a095897a440c58ebe5c26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_2eWrH-SMH3cjmu3QpoRaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-_2eWrH-SMH3cjmu3QpoRaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 18:41:28 GMT
expires: Fri, 08 Jul 2022 18:41:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 88AB 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 10:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 10:19:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 93C4 0
0 60ms
59ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=369371293406740&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 88AB 0
9 B 23ms
22ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?suZ_-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E436 6 KB
3 KB 69ms
23ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 18:41:26 GMT
expires: Sat, 08 Jul 2023 18:41:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 greenoaks.gif Show response
ymaillogin.net/detroitchicago/ 0
19 B 326ms
25ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInRfZXBvY2giOjE2NTczMDU2ODUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjE0NSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNjAxIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIyMyJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxNzcifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxNzgifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTQ5MiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInRfZXBvY2giOjE2NTczMDU2ODUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjcyNCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInRfZXBvY2giOjE2NTczMDU2ODUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiNzUyIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX1d
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:27 GMT

GET
H2 200 greenoaks.gif Show response
ymaillogin.net/detroitchicago/ 0
19 B 327ms
26ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInRfZXBvY2giOjE2NTczMDU2ODUsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMTkyOCJ9XX1d
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:26 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 326ms
25ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc5NjgzMDk0OTEyOTk3MiIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJ5bWFpbGxvZ2luX25ldC1waXhlbDEiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg3OTY4MzA5NDkxMjk5NzIiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoieW1haWxsb2dpbl9uZXQtcGl4ZWwxIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjkwYzNjNDhkMDE3MjkxNmQyN2MxMDJlYTRhYTlkNDljIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4Nzk2ODMwOTQ5MTI5OTcyIiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidW5pdCI6InltYWlsbG9naW5fbmV0LXBpeGVsMSIsInRfZXBvY2giOjE2NTczMDU2ODUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMywiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4Nzk2ODMwOTQ5MTI5OTcyIiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidW5pdCI6InltYWlsbG9naW5fbmV0LXBpeGVsMSIsInRfZXBvY2giOjE2NTczMDU2ODUsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDQxNjk4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc5NjgzMDk0OTEyOTk3MiIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJ5bWFpbGxvZ2luX25ldC1waXhlbDEiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:29 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
19 B 327ms
26ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc5NjgzMDk0OTEyOTk3MiIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJ5bWFpbGxvZ2luX25ldC1waXhlbDEiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wNy0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:27 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 326ms
25ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODc5NjgzMDk0OTEyOTk3MiIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJ5bWFpbGxvZ2luX25ldC1waXhlbDEiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhdWN0aW9uX2Vwb2NoIjoxNjU3MzA1Njg4LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImJpZF9mbG9vcl9pbml0aWFsIjozMDAsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjozMDAsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjczOSwibXVsdGlfYWRfdW5pdCI6bnVsbCwibXVsdGlfYWRfY291bnQiOm51bGwsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame E436 4 KB
1 KB 86ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 16:55:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 18:41:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 18:41:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0678 8 KB
966 B 76ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 16:58:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 18:41:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 18:41:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0678 2 KB
902 B 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:40:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 0678 21 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:15:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0678 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:23:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0678 17 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:22:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0678 0
0 31ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSTMh9VoCZ-PFQcsU7moyPfeMN9_aSjrlMPyMf2em-m_zy66WcRC5IN6BpOuND-TghohyHd5v7wd34upueE7jCdL2Qxw
Requested by: Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0678 137 KB
42 KB 81ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 18:41:28 GMT

GET
H2 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame 0678 31 KB
13 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 18:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 18:10:58 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame E436 19 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:14:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E436 205 B
518 B 75ms
26ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:25:58 GMT
x-content-type-options: nosniff
age: 8130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Jul 2023 16:25:58 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E436 604 B
695 B 75ms
26ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:48:08 GMT
x-content-type-options: nosniff
age: 10400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Jul 2023 15:48:08 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 11D3 143 B
163 B 24ms
22ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 18:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0FDC 1 KB
749 B 23ms
22ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sat, 09 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0FDC 0
104 B 195ms
73ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEONyYGsBtKINUPQW8YvrfE4&google_cver=1&google_push=ARnp8GDze7LyeU4cSG8yRi25VCEhVvdl-tuq05mMazvCGGOJCjgzThpcq2jbr6K93lHK8cHUPuCM3VWerWqs9vyDq5ymnVKLGJMJfQ
Requested by: Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FDC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHFK77Hd_carWBVkfnZbnWs&google_cver=1&google_push=ARnp8GC2fS_0w8ZJyzsXgxi6BwoQ8RvOES4jIKiMplpCTzzcE08ByPZuKF_NCr8Jjhs0J1BHqqEYWihcnhosFl_g...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GC2fS_0w8ZJyzsXgxi6BwoQ8RvOES4jIKiMplpCTzzcE08ByPZuKF_NCr8Jjhs0J1BHqqEYWihcnhosFl_g-eUtpJ4jGv676g

170 B
188 B

33ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GC2fS_0w8ZJyzsXgxi6BwoQ8RvOES4jIKiMplpCTzzcE08ByPZuKF_NCr8Jjhs0J1BHqqEYWihcnhosFl_g-eUtpJ4jGv676g

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 08 Jul 2022 18:41:29 GMT
Server: MT3 4475 c1dc35a master hkg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GC2fS_0w8ZJyzsXgxi6BwoQ8RvOES4jIKiMplpCTzzcE08ByPZuKF_NCr8Jjhs0J1BHqqEYWihcnhosFl_g-eUtpJ4jGv676g
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 08 Jul 2022 18:41:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FDC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFoBcUBlYTbP50vwRXjjr1Y&google_push=ARnp8GAH3rItth8KnOBB8BUx5AuT_E47umVShCoCXaXan9uGKWATAG0ds2...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFoBcUBlYTbP50vwRXjjr1Y&google_push=ARnp8GAH3rItth8KnOBB8BUx5AuT_E47umVShCoCXaXan9uGKWATAG0ds2TZWJbLeiTjOLPQjQA9X7Ef7Ub9vfeVfAZA-NNRiwU7Hg

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:28 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1657305689.567099,VS0,VE89
x-served-by: cache-hhn4057-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFoBcUBlYTbP50vwRXjjr1Y&google_push=ARnp8GAH3rItth8KnOBB8BUx5AuT_E47umVShCoCXaXan9uGKWATAG0ds2TZWJbLeiTjOLPQjQA9X7Ef7Ub9vfeVfAZA-NNRiwU7Hg
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FDC
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENtFc6GMUJnqCGd-WOlMAm0&google_cver=1&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrL...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENtFc6GMUJnqCGd-WOlMAm0&google_cver=1&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrL...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrLa1Zz9FIRC4kaFXi2XXuw&google_hm=

170 B
188 B

34ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrLa1Zz9FIRC4kaFXi2XXuw&google_hm=

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Jul 2022 18:41:28 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ARnp8GA9LBA0FpVZgdGrcZkvYnGZGSvddt_YyRGcMmp5w3anfrUzKZQRpUJcuQvmB6cCKmdE-WaKSFmmrLa1Zz9FIRC4kaFXi2XXuw&google_hm=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0FDC 43 B
350 B 103ms
36ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG8c6Sf2eQB07BbT9r-O3dQ&google_cver=1&google_push=ARnp8GBlI4mVTaV9yIpibWbtuGYUhsEl6lH1kZEM_zdzhQdFTgWqTDY3RdI5venksoFOnx4rUvkLyI_qofijJZ1p2PqmZaidNf9CfA
Requested by: Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: m5rlhepmala0heafqeg0d0no1kl1eba3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FDC
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEOmGLbdwU_9nsn6snvVVWc&google_cver=1&google_push=ARnp8GBThqT55Ohg8rKucg8jEKTyfuq6GtQSbUdJXeiokFgryL67BIZtcgSjJQktkzacNzjjilGMekOTjwppSzOO...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GBThqT55Ohg8rKucg8jEKTyfuq6GtQSbUdJXeiokFgryL67BIZtcgSjJQktkzacNzjjilGMekOTjwppSzOOGKFi7cBsi91U-w

170 B
188 B

76ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GBThqT55Ohg8rKucg8jEKTyfuq6GtQSbUdJXeiokFgryL67BIZtcgSjJQktkzacNzjjilGMekOTjwppSzOOGKFi7cBsi91U-w

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Jul 2022 18:41:28 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GBThqT55Ohg8rKucg8jEKTyfuq6GtQSbUdJXeiokFgryL67BIZtcgSjJQktkzacNzjjilGMekOTjwppSzOOGKFi7cBsi91U-w
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: QgtMZ9nFpa28AK87vXkq-NNUGY3SegT5dPnA0tfttiOWrk6fJ6o5OA==

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 0FDC
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEDvlgU60qO66tE0HTRaqp_U?ext-param=ARnp8GAMZw00YTuQl5SCMv5UcV_vxpZIl7uQh4le2MQBJ2zvmaakYy6AC3-h6l5l9N038Mq4vU3mO-cRzqbt-cfe-DPGwZwz6X597w&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEDvlgU60qO66tE0HTRaqp_U?redir-setuniq=1&ext-param=ARnp8GAMZw00YTuQl5SCMv5UcV_vxpZIl7uQh4le2MQBJ2zvmaakYy6AC3-h6l5l9N038Mq4vU3mO-cRzqbt-cfe-DPGwZwz6X597w&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDvlgU60qO66tE0HTRaqp_U&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

70ms
70ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:28 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 23 Jun 2023 18:41:28 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0FDC 0
232 B 85ms
28ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXEW7UJtIp6ZSeL-KXQS8Md96u4ATUt4sbWOXh_qTGru4WIr-tC4lYI_dds8xBR36gnYoBVQ

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 11D3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

89ms
89ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 18:41:28 GMT
expires: Fri, 08 Jul 2022 18:41:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 18:41:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js Show response
pagead2.googlesyndication.com/bg/ Frame CD61 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 19:42:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=369371293406740&bg=!gYKlgsbNAAaLlKKnq5Q7ACkAdvg8WomZfm7DtyDEtxD4fj3zcHJDKR6w-7ZtWh_R83G9J_Ytll1v4AIAAABWUgAAAAFoAQcKADGu6APForvh8L7pv63uSRb4NxRK89XLj2a4MUi4Lwonk4tcid9Z90WIgEm_usjGA4FkmQKnVabIVJudirhikwUgFUwyj2w_j5NGW3HI8vezyZaaxnd3uzomK2BvNxpBQpWcBPjY5d9cRgJUXlZFUx60hZAsnTl9ejJtEjIXbEh8ufNfZnpZsBWKxy-EWTIV5siMObDdA-dYqZJiRv42JCP3J_CFO1Wo4UswFJSWtzWHyh62iXVUHZ5zNs0MjA-jsOJ0JiwJtZcnySTT6J0B0eN4cLu_YU3O5a58KWpH-io6gXbTzl2QPYLpBKSH9TAgyyjw4vIK0DNS4-nv6Omr-eo8a9yDM9g2-feGv3FM5FnOxCZlRd7A6BKIWGlLUkeqnopoNMzRygDig9bpnc8S7QFFfzGkJ2Q5Nqlv9Vh-K4_hEKpYem8GzhfWbBI1mZZIoW8Vx264ZRqvRfezW93xwCfxw40GVShR0e7KjdoQA97ozk5p7NyXpzLUdF5NshoLZGUKLoo60jqKHev3MeRHVgBeNFMY_r10SbpLpfD6ZV8Jin0ZWxjETgyLD8TgLcPSlXys98BbJhYigD7G8Qp-PwO64YOj7dqeXiX26PKWYtOKAAgWm-mBs9sfYlMxApHVI414DriUnfC6LbhkJFvKrqgUA-Q3pi9DV2pRveDU8lmGuE3WJI74yQx2B49_9oJ8gIvgHbeyAcJqsibtWwJtPHFi_GNcxSp5OLxqJRHrJ5sBb4tzqZ2F06OwOTzHirlEK7MTauIvPkr_BU2qJOkYM9xGoKMQBTkzb26MJH8edgzcT8DGZjFZfGM-t33LUv0yFAl8eXVPMXrfPZbLencG9qZHoPJlHOJXaAEbMZZQ3KSC9OIr-CLN1AgC9UFAC_YSY8V-QYrtGnNgli1ikX99Y8uaKQ1vVYVhRfOVhnIpzU6lkGi5cp3VpswwJEisYkA9afBZFvGgRuWxOE6I0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 324ms
23ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc5NjgzMDk0OTEyOTk3MiIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJ5bWFpbGxvZ2luX25ldC1waXhlbDEiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc5NjgzMDk0OTEyOTk3MiIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJ5bWFpbGxvZ2luX25ldC1waXhlbDEiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg3OTY4MzA5NDkxMjk5NzIiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoieW1haWxsb2dpbl9uZXQtcGl4ZWwxIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:30 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:29 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
27 KB 575ms
574ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=261655186927242&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&adks=347099499&sfv=1-0-38&ecs=20220708&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C5%257C%26iid1%3D1991440089114027%26eid%3D1991440089114027%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1135%26sap%3D1135%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dymaillogin_net-box-1-1991440089114027%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D200%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C20%2C2310%2C2526%2C2527%2C2763%2C2764%2C2765%2C3154%26lb%3D400%26reqt%3D1657305690489&eri=1&sc=1&cookie=ID%3Da8d16c25366987fd%3AT%3D1657305686%3AS%3DALNI_MYErJS5Cz6UCBEYNln-coy9Hgj7FA&abxe=1&dt=1657305690494&lmt=1657305690&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=1080&adys=192&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x264&msz=300x250&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5a8a306473ea0a1d83d544bb78a895e58d3a0b797d3849a62685856effd18368

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLze4uf46fgCFfDbEQgdo74DzQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/92716964203462656/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLze4uf46fgCFfDbEQgdo74DzQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/92716964203462656/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27650
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 08 Jul 2022 18:41:31 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 348 B
171 B 491ms
491ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=673693756138918&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C120x240%7C125x125%7C200x200%7C180x150%7C234x60%7C336x280%7C300x250%7C320x50%7C320x100&fluid=height&ifi=9&adks=3285869728&sfv=1-0-38&ecs=20220708&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C2%257C%26iid1%3D856839555128145%26eid%3D856839555128145%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1136%26sap%3D1136%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dymaillogin_net-large-billboard-2-856839555128145%26eb_br%3D57914c3716312cb7e954090f0717ea25%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D260%26br2%3D240%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3456%2C3457%2C3458%2C3460%2C20%2C2310%2C2526%2C2527%2C2764%2C2765%2C3154%2C3455%26lb%3D500%26reqt%3D1657305690485&eri=1&sc=1&cookie=ID%3Da8d16c25366987fd%3AT%3D1657305686%3AS%3DALNI_MYErJS5Cz6UCBEYNln-coy9Hgj7FA&abxe=1&dt=1657305690497&lmt=1657305690&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=1080&adys=733&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x294&msz=336x280&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

372a2b0be8222c651235bda1b58a6b86d257d49f7a2a7d7c2b9687b6be5b83ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 561ms
560ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=3712238812374917&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&adks=1144603186&sfv=1-0-38&ecs=20220708&ris=4&rcs=1&fsapi=false&prev_scp=a%3D%257C251%257C%26iid1%3D3047334909086730%26eid%3D3047334909086730%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dymaillogin_net-medrectangle-2-3047334909086730%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D200%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C20%2C2310%2C2526%2C2527%2C2763%2C2764%2C2765%2C3154%26lb%3D400%26reqt%3D1657305690501&eri=1&sc=1&cookie=ID%3Da8d16c25366987fd%3AT%3D1657305686%3AS%3DALNI_MYErJS5Cz6UCBEYNln-coy9Hgj7FA&abxe=1&dt=1657305690506&lmt=1657305690&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bf1e4f9a8f171d81cbd7181c98bfdb3d26720ddab2437f9d7b011de589e92ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9369
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 336 B
162 B 463ms
463ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=3197242262924952&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=11&adks=3298124376&sfv=1-0-38&ecs=20220708&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D7700763979086073%26eid%3D7700763979086073%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1132%26sap%3D1132%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dymaillogin_net-box-2-7700763979086073%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D200%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C20%2C2310%2C2526%2C2527%2C2763%2C2764%2C2765%2C3154%26lb%3D400%26reqt%3D1657305690499&eri=1&sc=1&cookie=ID%3Da8d16c25366987fd%3AT%3D1657305686%3AS%3DALNI_MYErJS5Cz6UCBEYNln-coy9Hgj7FA&abxe=1&dt=1657305690510&lmt=1657305690&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=485&adys=150&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=820x250&msz=250x250&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

47b673a21dc5ab539eb9025e770e537b5d004e4d1f9cc3992f846a09cb6a7bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8EEF 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 18:41:26 GMT
expires: Sat, 08 Jul 2023 18:41:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 24ms
23ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzA0NzMzNDkwOTA4NjczMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTkxLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMwNDczMzQ5MDkwODY3MzAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoiZGl2LWdwdC1hZC15bWFpbGxvZ2luX25ldC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU5MSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Ijg2ODAyYTkyM2ExZjMyNTE3ZTRjNWQzYjZkNTUwMjcxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMDQ3MzM0OTA5MDg2NzMwIiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidW5pdCI6ImRpdi1ncHQtYWQteW1haWxsb2dpbl9uZXQtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NTczMDU2ODUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDA0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTkxLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzA0NzMzNDkwOTA4NjczMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTkxLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1OTEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMwNDczMzQ5MDkwODY3MzAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoiZGl2LWdwdC1hZC15bWFpbGxvZ2luX25ldC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU5MSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:30 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 25ms
25ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzA0NzMzNDkwOTA4NjczMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTkxLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wNy0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:31 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
19 B 28ms
28ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzA0NzMzNDkwOTA4NjczMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhdWN0aW9uX2Vwb2NoIjoxNjU3MzA1NjkxLCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImJpZF9mbG9vcl9pbml0aWFsIjo0MDAsImJpZF9mbG9vcl9wcmV2Ijo0MDAsImJpZF9mbG9vcl9maWxsZWQiOjIwMCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTcwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:30 GMT

GET
H3 200 container.html Show response
484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA37 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 18:41:26 GMT
expires: Sat, 08 Jul 2023 18:41:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 29ms
27ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk5MTQ0MDA4OTExNDAyNyIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE5OTE0NDAwODkxMTQwMjciLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoiZGl2LWdwdC1hZC15bWFpbGxvZ2luX25ldC1ib3gtMS0wIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjExMzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Ijg2ODAyYTkyM2ExZjMyNTE3ZTRjNWQzYjZkNTUwMjcxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTkxNDQwMDg5MTE0MDI3IiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidW5pdCI6ImRpdi1ncHQtYWQteW1haWxsb2dpbl9uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2NTczMDU2ODUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMiwiYWRfcG9zaXRpb24iOjExMzUsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDA0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk5MTQ0MDA4OTExNDAyNyIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0MzgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE5OTE0NDAwODkxMTQwMjciLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoiZGl2LWdwdC1hZC15bWFpbGxvZ2luX25ldC1ib3gtMS0wIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjExMzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:36 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 30ms
28ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk5MTQ0MDA4OTExNDAyNyIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wNy0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:28 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 29ms
28ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTk5MTQ0MDA4OTExNDAyNyIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhdWN0aW9uX2Vwb2NoIjoxNjU3MzA1NjkxLCJhZF9wb3NpdGlvbiI6MTEzNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImJpZF9mbG9vcl9pbml0aWFsIjo0MDAsImJpZF9mbG9vcl9wcmV2Ijo0MDAsImJpZF9mbG9vcl9maWxsZWQiOjIwMCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTk4LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FA33 624 B
297 B 35ms
33ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNUGcupTZc-XV5lGAJ0xJGHzeLsg5ahVNvAyl1ovq5ENeVB48HGYuSvvA-n6gEx0HI4sXj_FL9UkaaB0NUY_QqMHRgmtx-M-Ez0JAfRBHjFtSEmFJA1FcFgfViXD0KfWQa54eDzqbdk17wEAtVNdFiT6ICLo4umbYniqpBmpRU-KiTwRmuPEebJhquPsa4co2cpyNqg94ECr9pyCYD5HwvwAoiRYYg

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 18:41:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8EEF 77 KB
33 KB 82ms
79ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFwBiicAwQE02pnEgbwwYxY4gB0uXXJFoJdp9PcHjAMo99x6cXFaYr6D6_m7HOuffgmq2dPd7lXbyk1Z7TAM6WsRdtMIZr7ICXzEQbw6LqcwyN3sZFz3TZTkjgiMMjmnQNXw7iuuHp-sS3rNPCLCC2L9hgIw&dbm_d=AKAmf-CbaN15Mb0SacGz-ET9KFLYF0TKlAKBwWqJ32dF5dLEyTr4klglEbdhhG3QpKCTavj7s9AZ90ffDCduReGsTXh-yepR3ybtuOklom6dQXYCQApohaU3ij8qrNhweWdhqczrzG3pVVdV_bYNW3J1FyCKeXVBMWrpeznTz8jrNaX4GpglF1t-6Cj2NHUq6NgEpEQoQiyrcjGdu9NTTQQ-LnEtji2By4FZIBF2Nf6azn60FldrdXvBKmzC1cd7r510vZaCXK8hNPMWQ78QkrHKphih4hKsN-d51KsDcbVNwrxag5I3qAnf9G8eXFbUT_ibBjKXISgmbVPTjXrCnW8BFKXdaMsmEXDGRQnfCM0DuntV0i2QRxq3FYuAX76set_nXTb5nRINTY6g8rY4uyPD74V42EqPdVyNfTjMDRCnvFGaa83EfBmcbyilolkguLtrWnumoB4PWts3JLaEa2R6kQhCSE43CL4T8hVttd7z5VhbMIyCmHnQLiN5LnPfU3zPk8i1evjUNw6bd5opdpovMVZOy2q_D97Bh70eiW2G4Tr8XlS5kbkgn6ScOvEPejz8yyKNRllys15WOrksJoFykQ30e2lVL1M0IXEU0tW5xkjXTepZZYrdWDbv5_vM0nWqOhMBoVwSV8WumWDJmlEYKwahYNui4PRUY_wGIdwC3ydX3zmCjShy1N8rlW6tYW_tFnTDWUv58ueUVgI-zUBZ4cku0XgL9fyf-V11OcUq53nG1L3ff7rUd2lcPYBHGEcKtfjJ44QRwK2A0y3aLh4ENSmlrTfTfF0Ag8PUtfi8Yrv77qBCD335lbiSVi6a5_3dVl75VzzghR_VfF2BIPF_3kzavWV2VSMnBdKmxbpqTXEdbuX7wmMP60qyKzSINwuNus_Th8Auf573DWV9zQbxo-qdfEkF-IUTg3dLwlAVzG4Ix_5rhHc7jGBpVdK1uoyGLrq-KOiKR04C6edZViDwIJnb2TBGAgl74ZKciaGHWzH13ZIDaW6CFTvxDhAdBsinO9HgLN4atFdY32cbLssbl_KZjyyR_Kxpb6enq_XqHEIKtOyGt1aiRUGgRa5sDcx6Pgh4xuVj_wN_mWi7hA4CdFq1Wnw2Qjo00DJBw6W174HZLZCpSHE01Kmv7NHOcFRZch0uJkZHWFCtNwp7A9iyXIsB3GlVqX80unxvbNknW1y9T-7NTGbAZIzN6IS4nwPZH6kU2Er45uuq7MOYg2nz5Mu8wgP5RcZ953WUOZ6Si-qliJ_EZEP3NJ4IwVzBEtnJa_1WNzK1W760wDQx_ePPcwesdrcuNeblJ2Dm5DIumddBS5xNPhsdQq0gZkpfbw76Gn95yh3T7553mWutsQKi5jqoaDWmLugEhHPvCa3DWd3-5ligvRlJ0nMbg16tHFj74nI8oa2Ez9oW0kAAJFHIMbv6Yw31z4eM8K-rgdYcnOzk5cD-kIMNw4u08ffjaAzGoabqjufpwlDGOM1lNpSUDTzMlDjAZWfWSEhoSat7lad2wjITKCxdiRtS4urursuctbt-QjwI4cWo_XGcUiIBdz6D02XEfCs7lL_L4j-tDiBFOD58FFSmCq0YQkxqxCuFTc7Wc2nKEE9I1KGDkhfhcrHzXIrT2BBGYSq744o-fagArslpZlm-X7-BRokFskalmc-kuRT6Ub9-XTXzu_47n166YAv9-OFmePuPLsVvu8cPZX6h7UmXCZ9KvynSw3KKfNwi0jjKE6mzj2utNzi4k3Yx_QgcqIO8i0lXkDODilsFK26HW3kL9h_hQ5Vjh2GH_7ftUDWAvhwbeT5RqTnbnJfrf_mYg22A7wnTsyELnNm0-G34zdYvw_Le_0q3-DDVvb00L69lrdH0nbtAbuLP6bF1tISHXkIwsVkwoau1uF0Ipy50OqhTFk8oO3LPqiqkLaNMmVwxYxWdAjOFaubv1xu8Z180qGWp2Cup_szfDdBv7sdPvsY6Enw16fspR2p28Flawrl8sjocXWjV815Zez5GZBJzY8CQt0S-pE-DJFOCgHyJl-sZqYFX0S_vQBsXVcHk0PKb36r1W5P9m1jPbrCZyuvQFXxdX3B2c2FSqIQpA8kuR0en2G61kP_5IRWu1--2NmRfs587AxWjC8R7W0OE_P05YbE1l-7y9CzdiqqUPyvQog1z1Swxs1epzDcKdk3DqixSeavqy6RASeWF_kgJHZfZO4G0yRH9jqeLVFvY6e3CVo80WTydzrQP39sdc5rWkYQHBkmrFrKEf6FA-oHxiszJQoldEcmHdCKQgNRZhC57EFvPj4VaYpBSZ3aCbuKtc0nAhh5Mihoo4GBtBV8BZExuttQ5n0bwSewZpYXLjv0lVZHZQKUCpkk9uHBTs5pbVMtISsKVILjF7t0J8ovLTMWRNhyFODKoM97-ABJ0UiSulJA-R4kFf7MRqZ16WIkankXXSHhVqW9lYuqpnEHHhOZOg4BPX1GP39oXDiuv6jbf4qhIgd34iGUmosy7I03PrY-xm17ji3R0PhNUKRV5M312tFf1ZbDFjE1bXtn2SV30tgKcWjoAuUeeNFY_WquYZdX-ecWnr70vzcXOdVeylUlnPgGd25TZlNhLNwMqudKJ-ElMGmS8bBi_NCXA1L2szVU0_lvBkjIcfPX_HoJ1GCT7UBjHuSmGnqbpaoYgJCgxWuk4DSrshOz8sZe7Frs4S59CsRLdF8147ZFmMjWGxTQVUzC7h34gWMlkjIuBFGGkYvu948cW7-NpWw7JJ4A6ubqX51ai6olZccKpy1Z7HjTa7ZI2uT8-zm-PcfnSYNKu-il2hTAkSY5J1mYLMaECvRdKeycHg_Dj2-sP-NYb6-tV8u5rDrvu4OuKakJjCrZHEmxninVnCu9f5iueOUgRbmBWSOCJ6xNtxqotfYcamZYfmYV6JP8cFqBhf11Hkotsfna2MBxV386a3zcC1cbqVJSmYxC9jSSZwzDc89zFE9SEgwP2h1I_QKu23FFcLvXcZj8EorDMZ3BFwY5ce-UlPLFHQtXTyOWD-nYRs1YyJ62tQoZsWCOEDksM6Ar2VPRhs0QbvL38CBq5PO83t7pRW3WyS7j_gkJizBQcDIeBQHG-CEom8qQdEFXT9c7VAP0b05EDsaz2Ae14IhZCW5TmmK4elcf2eQpE_HU2AZdNlQctjqYXnf9K3iAlONfEUbMiRO0lGSH1SXYVWY5q9wbLAIi0ddH0JHUcTf-9heK8XcD-gEJVUv3Wg2q8gxtFu62vFmvjLFUmdqSuitZdE3SpvhgakI6C6vE5bCSFVXQ1BxkRoA&cid=CAASJeRovmcajCveUAX_fdSUCgvdZ_AoVlz2_lgHOVSQjetbuwLA-Kg&rfl=1%2Chttps%253A%252F%252Fymaillogin.net%252F%240

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a54c7999f01c6e0d9521fd1295c391522dacf49a03b4bd37538faf0992a28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33362
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EEF 42 B
63 B 59ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqblNb7Wph2Xay84tRVn9rzl_BlyRGIEKY6YKSJe1_61v0EAxXktmUwdmmy721PxyUdaT8YS-UywQajQApFHiGRiSXVVImAR9XEIzL-VUGO43Rfz4

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 8EEF 3 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:23:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 8EEF 17 KB
7 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:22:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EEF 137 KB
42 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 18:41:31 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame 64D4 68 KB
19 KB 23ms
23ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a54814460951eba9e31d24e93e2c5593251ca86d3c4cb787d2cc4c9e621d7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 233312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19764
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 01:52:59 GMT
expires: Thu, 06 Jul 2023 01:52:59 GMT
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA37 0
0 68ms
68ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDPC4WnrIYrzJI_C3x_APo_2O6AzXqbz1ZrmWzLazDdvZHhABIPT5xiVglYKAgJQHoAGAw9yGA8gBCakCtR2Ml9UEsT7gAgCoAwHIAwKqBP0BT9CO0UwomraJ3RblVubhT6YRzWb32BEOQhiVkuyt7754fKI1rSyqQVqDB3xi5V8rhgfj_oIlHOnExZLiUc1w6pcmkKRCTR8WH_p3YHsDjiVEx44TIracVI6QzvAFuhmxflFYmCX_hvKrplkKGdYo4gdqA89pDB4mZ7O_b1LIcjQZ_Mt5HmCUQvJgTOw4XncGH9ShcZ1YAmPrpN8ULK3RNTzVoP9bmmje3Zg4GZQgzlIbzY7HKR6OJr2JMAnbV_frid3UTiEa0e6bi91yTsb19ukRK8QhDCnLm-050V6gXXFIcNdhdvTofwvlGlQ5h4hdim0lsJ0mbQvRvxm_8sAEm43bzsMD4AQBkgUECAQYAZIFBAgFGASgBl2AB-i8o3moB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDUqH_SCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTg5MTgyNzk4MTM5MjU0N4AKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4GL7JBw&sigh=PEpCz6mnibk&uach_m=[UACH]
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame BA37 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:23:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame BA37 17 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:22:04 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FA33
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1&C=1

43 B
943 B

73ms
49ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNUGcupTZc-XV5lGAJ0xJGHzeLsg5ahVNvAyl1ovq5ENeVB48HGYuSvvA-n6gEx0HI4sXj_FL9UkaaB0NUY_QqMHRgmtx-M-Ez0JAfRBHjFtSEmFJA1FcFgfViXD0KfWQa54eDzqbdk17wEAtVNdFiT6ICLo4umbYniqpBmpRU-KiTwRmuPEebJhquPsa4co2cpyNqg94ECr9pyCYD5HwvwAoiRYYg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727af45b5c3c9180-FRA
pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqoRWU0WmjoVpx7EN061X7e1hW7C%2FOcz63CPnju5aWmKYJXrNxLYjnoS5DXmhgJ2Ws3HIRgYd%2F7NsG17B08MshY8GRpZP6zBIj4MoBe%2BONPT0o8mAKinoS7nXEBZg8Pzdx96jjT3fxysMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsSn4WRKjN6mxI2EHkRbFg2lT%2B5x3%2BEqCUcFeBq2bEhttGCwgzs6iDrDxWD5PGWxG38km1ir4tL6NXxDS%2BajlPHJXnprGMy%2FfBT4dGX56TV%2BCXXc4Y2l86wNcAL4xFC8jdTDrMCl9NcHYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 727af45ad94d5c4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FA33
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysh6W2eSkhQhCedGIwf4-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1

43 B
907 B

46ms
43ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNUGcupTZc-XV5lGAJ0xJGHzeLsg5ahVNvAyl1ovq5ENeVB48HGYuSvvA-n6gEx0HI4sXj_FL9UkaaB0NUY_QqMHRgmtx-M-Ez0JAfRBHjFtSEmFJA1FcFgfViXD0KfWQa54eDzqbdk17wEAtVNdFiT6ICLo4umbYniqpBmpRU-KiTwRmuPEebJhquPsa4co2cpyNqg94ECr9pyCYD5HwvwAoiRYYg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727af45c0db89180-FRA
pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU1GCEnNei%2BrC0hlsd3O%2BsQPSL300ig12cXxEbIMTjr48rGD2dONU8KJjXPyF6lXk9dALaNk%2FA20kuCgzYYYSi78R2pmJVUDOBU918C4798bVHAB1qtmGqyQpFb3CgBJ89IlsFcm5IKx2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECsEW7t1AzXMe2dEqPG16DA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame FA33
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7ICtxGeezqux4gsGLM1IE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7ICtxGeezqux4gsGLM1IE%26google_cver%3D1

43 B
1 KB

23ms
23ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7ICtxGeezqux4gsGLM1IE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNUGcupTZc-XV5lGAJ0xJGHzeLsg5ahVNvAyl1ovq5ENeVB48HGYuSvvA-n6gEx0HI4sXj_FL9UkaaB0NUY_QqMHRgmtx-M-Ez0JAfRBHjFtSEmFJA1FcFgfViXD0KfWQa54eDzqbdk17wEAtVNdFiT6ICLo4umbYniqpBmpRU-KiTwRmuPEebJhquPsa4co2cpyNqg94ECr9pyCYD5HwvwAoiRYYg

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 18:41:31 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1ee57e8d-2c77-4345-8a9b-1cb64339852d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 18:41:31 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1a8bd053-9c56-465a-977a-e556c150e6f5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7ICtxGeezqux4gsGLM1IE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA33
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3MjAwMjY4MzkzNjc5MDU0NQ%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3MjAwMjY4MzkzNjc5MDU0NQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 18:41:31 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5c8ea542-5b23-4da0-bd50-67e60bea102d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3MjAwMjY4MzkzNjc5MDU0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 64D4 3 KB
625 B 78ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:700|Rubik:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b98b086ba4ad8110fba7fcb3bf7f9873d52d7156da37d7ebeb72fc33963cb465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 18:26:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 18:41:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 18:41:31 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 64D4 16 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Jul 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 64D4 26 KB
10 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Jul 2022 16:13:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BA37 0
0 41ms
40ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVKI4Vo83Jjli3ql070cryEfYuWOAAlnVkInyFLcVbQCa4u0CCskuMnmCUDfTEorhpNDJDPq9Pw6eRLe4g4WTarjf97Q
Requested by: Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA37 137 KB
42 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 18:41:31 GMT

GET
DATA 200
OK truncated
/ Frame BA37 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ada5fc05539ba4f639558acd6a09b25f0b1a69c9dc6d3d160d1272a703621d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8EEF 106 KB
38 KB 94ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Origin: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 08:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 08:39:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame 8EEF 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFwBiicAwQE02pnEgbwwYxY4gB0uXXJFoJdp9PcHjAMo99x6cXFaYr6D6_m7HOuffgmq2dPd7lXbyk1Z7TAM6WsRdtMIZr7ICXzEQbw6LqcwyN3sZFz3TZTkjgiMMjmnQNXw7iuuHp-sS3rNPCLCC2L9hgIw&dbm_d=AKAmf-CbaN15Mb0SacGz-ET9KFLYF0TKlAKBwWqJ32dF5dLEyTr4klglEbdhhG3QpKCTavj7s9AZ90ffDCduReGsTXh-yepR3ybtuOklom6dQXYCQApohaU3ij8qrNhweWdhqczrzG3pVVdV_bYNW3J1FyCKeXVBMWrpeznTz8jrNaX4GpglF1t-6Cj2NHUq6NgEpEQoQiyrcjGdu9NTTQQ-LnEtji2By4FZIBF2Nf6azn60FldrdXvBKmzC1cd7r510vZaCXK8hNPMWQ78QkrHKphih4hKsN-d51KsDcbVNwrxag5I3qAnf9G8eXFbUT_ibBjKXISgmbVPTjXrCnW8BFKXdaMsmEXDGRQnfCM0DuntV0i2QRxq3FYuAX76set_nXTb5nRINTY6g8rY4uyPD74V42EqPdVyNfTjMDRCnvFGaa83EfBmcbyilolkguLtrWnumoB4PWts3JLaEa2R6kQhCSE43CL4T8hVttd7z5VhbMIyCmHnQLiN5LnPfU3zPk8i1evjUNw6bd5opdpovMVZOy2q_D97Bh70eiW2G4Tr8XlS5kbkgn6ScOvEPejz8yyKNRllys15WOrksJoFykQ30e2lVL1M0IXEU0tW5xkjXTepZZYrdWDbv5_vM0nWqOhMBoVwSV8WumWDJmlEYKwahYNui4PRUY_wGIdwC3ydX3zmCjShy1N8rlW6tYW_tFnTDWUv58ueUVgI-zUBZ4cku0XgL9fyf-V11OcUq53nG1L3ff7rUd2lcPYBHGEcKtfjJ44QRwK2A0y3aLh4ENSmlrTfTfF0Ag8PUtfi8Yrv77qBCD335lbiSVi6a5_3dVl75VzzghR_VfF2BIPF_3kzavWV2VSMnBdKmxbpqTXEdbuX7wmMP60qyKzSINwuNus_Th8Auf573DWV9zQbxo-qdfEkF-IUTg3dLwlAVzG4Ix_5rhHc7jGBpVdK1uoyGLrq-KOiKR04C6edZViDwIJnb2TBGAgl74ZKciaGHWzH13ZIDaW6CFTvxDhAdBsinO9HgLN4atFdY32cbLssbl_KZjyyR_Kxpb6enq_XqHEIKtOyGt1aiRUGgRa5sDcx6Pgh4xuVj_wN_mWi7hA4CdFq1Wnw2Qjo00DJBw6W174HZLZCpSHE01Kmv7NHOcFRZch0uJkZHWFCtNwp7A9iyXIsB3GlVqX80unxvbNknW1y9T-7NTGbAZIzN6IS4nwPZH6kU2Er45uuq7MOYg2nz5Mu8wgP5RcZ953WUOZ6Si-qliJ_EZEP3NJ4IwVzBEtnJa_1WNzK1W760wDQx_ePPcwesdrcuNeblJ2Dm5DIumddBS5xNPhsdQq0gZkpfbw76Gn95yh3T7553mWutsQKi5jqoaDWmLugEhHPvCa3DWd3-5ligvRlJ0nMbg16tHFj74nI8oa2Ez9oW0kAAJFHIMbv6Yw31z4eM8K-rgdYcnOzk5cD-kIMNw4u08ffjaAzGoabqjufpwlDGOM1lNpSUDTzMlDjAZWfWSEhoSat7lad2wjITKCxdiRtS4urursuctbt-QjwI4cWo_XGcUiIBdz6D02XEfCs7lL_L4j-tDiBFOD58FFSmCq0YQkxqxCuFTc7Wc2nKEE9I1KGDkhfhcrHzXIrT2BBGYSq744o-fagArslpZlm-X7-BRokFskalmc-kuRT6Ub9-XTXzu_47n166YAv9-OFmePuPLsVvu8cPZX6h7UmXCZ9KvynSw3KKfNwi0jjKE6mzj2utNzi4k3Yx_QgcqIO8i0lXkDODilsFK26HW3kL9h_hQ5Vjh2GH_7ftUDWAvhwbeT5RqTnbnJfrf_mYg22A7wnTsyELnNm0-G34zdYvw_Le_0q3-DDVvb00L69lrdH0nbtAbuLP6bF1tISHXkIwsVkwoau1uF0Ipy50OqhTFk8oO3LPqiqkLaNMmVwxYxWdAjOFaubv1xu8Z180qGWp2Cup_szfDdBv7sdPvsY6Enw16fspR2p28Flawrl8sjocXWjV815Zez5GZBJzY8CQt0S-pE-DJFOCgHyJl-sZqYFX0S_vQBsXVcHk0PKb36r1W5P9m1jPbrCZyuvQFXxdX3B2c2FSqIQpA8kuR0en2G61kP_5IRWu1--2NmRfs587AxWjC8R7W0OE_P05YbE1l-7y9CzdiqqUPyvQog1z1Swxs1epzDcKdk3DqixSeavqy6RASeWF_kgJHZfZO4G0yRH9jqeLVFvY6e3CVo80WTydzrQP39sdc5rWkYQHBkmrFrKEf6FA-oHxiszJQoldEcmHdCKQgNRZhC57EFvPj4VaYpBSZ3aCbuKtc0nAhh5Mihoo4GBtBV8BZExuttQ5n0bwSewZpYXLjv0lVZHZQKUCpkk9uHBTs5pbVMtISsKVILjF7t0J8ovLTMWRNhyFODKoM97-ABJ0UiSulJA-R4kFf7MRqZ16WIkankXXSHhVqW9lYuqpnEHHhOZOg4BPX1GP39oXDiuv6jbf4qhIgd34iGUmosy7I03PrY-xm17ji3R0PhNUKRV5M312tFf1ZbDFjE1bXtn2SV30tgKcWjoAuUeeNFY_WquYZdX-ecWnr70vzcXOdVeylUlnPgGd25TZlNhLNwMqudKJ-ElMGmS8bBi_NCXA1L2szVU0_lvBkjIcfPX_HoJ1GCT7UBjHuSmGnqbpaoYgJCgxWuk4DSrshOz8sZe7Frs4S59CsRLdF8147ZFmMjWGxTQVUzC7h34gWMlkjIuBFGGkYvu948cW7-NpWw7JJ4A6ubqX51ai6olZccKpy1Z7HjTa7ZI2uT8-zm-PcfnSYNKu-il2hTAkSY5J1mYLMaECvRdKeycHg_Dj2-sP-NYb6-tV8u5rDrvu4OuKakJjCrZHEmxninVnCu9f5iueOUgRbmBWSOCJ6xNtxqotfYcamZYfmYV6JP8cFqBhf11Hkotsfna2MBxV386a3zcC1cbqVJSmYxC9jSSZwzDc89zFE9SEgwP2h1I_QKu23FFcLvXcZj8EorDMZ3BFwY5ce-UlPLFHQtXTyOWD-nYRs1YyJ62tQoZsWCOEDksM6Ar2VPRhs0QbvL38CBq5PO83t7pRW3WyS7j_gkJizBQcDIeBQHG-CEom8qQdEFXT9c7VAP0b05EDsaz2Ae14IhZCW5TmmK4elcf2eQpE_HU2AZdNlQctjqYXnf9K3iAlONfEUbMiRO0lGSH1SXYVWY5q9wbLAIi0ddH0JHUcTf-9heK8XcD-gEJVUv3Wg2q8gxtFu62vFmvjLFUmdqSuitZdE3SpvhgakI6C6vE5bCSFVXQ1BxkRoA&cid=CAASJeRovmcajCveUAX_fdSUCgvdZ_AoVlz2_lgHOVSQjetbuwLA-Kg&rfl=1%2Chttps%253A%252F%252Fymaillogin.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:39:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 8EEF 27 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:30:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8EEF 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7A13 1 KB
749 B 22ms
22ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sat, 09 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8EEF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d631a4b486637a0959079d4d061a66acc787eca432900391585640b15c6bac2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
fonts.gstatic.com/s/rubik/v20/ Frame 64D4 17 KB
17 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v20/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700|Rubik:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f36d3add46f6a425f70f833b75be801d705199e7dbfdb11e4de9a935082a1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:00:23 GMT
x-content-type-options: nosniff
age: 168068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 20:00:23 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFkpl0k30eg.woff2
fonts.gstatic.com/s/muli/v27/ Frame 64D4 17 KB
17 KB 82ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v27/7Aulp_0qiz-aVz7u3PJLcUMYOFkpl0k30eg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700|Rubik:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2401b6c90334f69bca585263201ccddb9d34412d38acaa83251fc63346716a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:49:36 GMT
x-content-type-options: nosniff
age: 262315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17020
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:49:36 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 33E3 22 KB
8 KB 24ms
23ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 127724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A13
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHFK77Hd_carWBVkfnZbnWs&google_cver=1&google_push=ARnp8GAQdoyw60dVznYTSY1exBPIiJYRdqV11jL_QRA7xmuUezkERCB5XN6pjZhyJ0Dm2iD5YpB-9yxdcElwpqSR...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=wchiyHpZRAC6q9_8UHtyBA&google_push=ARnp8GAQdoyw60dVznYTSY1exBPIiJYRdqV11jL_QRA7xmuUezkERCB5XN6pjZhyJ0Dm2iD5YpB-9yxdcElwpqSR58G-M4do...

170 B
188 B

32ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=wchiyHpZRAC6q9_8UHtyBA&google_push=ARnp8GAQdoyw60dVznYTSY1exBPIiJYRdqV11jL_QRA7xmuUezkERCB5XN6pjZhyJ0Dm2iD5YpB-9yxdcElwpqSR58G-M4dop83S

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 08 Jul 2022 18:41:31 GMT
Server: MT3 4475 c1dc35a master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=wchiyHpZRAC6q9_8UHtyBA&google_push=ARnp8GAQdoyw60dVznYTSY1exBPIiJYRdqV11jL_QRA7xmuUezkERCB5XN6pjZhyJ0Dm2iD5YpB-9yxdcElwpqSR58G-M4dop83S
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 08 Jul 2022 18:41:30 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7A13 0
191 B 144ms
38ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHuBBFmmvi4rbJK3b1T2fiI&google_cver=1&google_push=ARnp8GBl4m2RMupuDabETTHi4Cw55D4QSLmH6N4V3-jfcfm9J8vQ_eHbq5kVf7iEU2T0yObpbFTPHgf220mcnIuZv12NejimS4U
Requested by: Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A13
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEH8XzbvtECqQRfGiHnLRXG8&google_cver=1&google_push=ARnp8GCEZoAf70fFTcPnUkIfb72TelVgy2-15a6yRT6Gzb18h8tcA_qAE58nAy71FTELt...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GCEZoAf70fFTcPnUkIfb72TelVgy2-15a6yRT6Gzb18h8tcA_qAE58nAy71FTELtHLFh4Mm8MyiIs9KO-I45aK4otciNlhp&google_hm=QUhIM0QtSDBZSXo4X2R4ZlVW...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GCEZoAf70fFTcPnUkIfb72TelVgy2-15a6yRT6Gzb18h8tcA_qAE58nAy71FTELtHLFh4Mm8MyiIs9KO-I45aK4otciNlhp&google_hm=QUhIM0QtSDBZSXo4X2R4ZlVWaENKenc=

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GCEZoAf70fFTcPnUkIfb72TelVgy2-15a6yRT6Gzb18h8tcA_qAE58nAy71FTELtHLFh4Mm8MyiIs9KO-I45aK4otciNlhp&google_hm=QUhIM0QtSDBZSXo4X2R4ZlVWaENKenc=
Date: Fri, 08 Jul 2022 18:41:31 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A13
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEM2MO05lywT0HKk3lm_EQJ8&google_cver=1&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1AD...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEM2MO05lywT0HKk3lm_EQJ8&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1AD...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1ADjjJasKeE0tnSfL0&google_hm=Y0dCTnJjM01QZWNXMVJM...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1ADjjJasKeE0tnSfL0&google_hm=Y0dCTnJjM01QZWNXMVJMa3Z1QTA=

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 18:41:31 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAYCuFnNM9-ajYeUltLgluUfp0gE8knHREYea5kEnQ8hpsZrf9ZSpjENsot3xwX2ZoozShHe3mx__1ADjjJasKeE0tnSfL0&google_hm=Y0dCTnJjM01QZWNXMVJMa3Z1QTA=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A13
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEOmGLbdwU_9nsn6snvVVWc&google_cver=1&google_push=ARnp8GDNffd9lEkeLuOz9elEVmBBju8-82i_P4C7UKSxsFNT6yj7aZ8AoG7v7n702Bh_BfJU_f1w8yB4zAooRPqi...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDNffd9lEkeLuOz9elEVmBBju8-82i_P4C7UKSxsFNT6yj7aZ8AoG7v7n702Bh_BfJU_f1w8yB4zAooRPqiMpa-0p2jTcJJ

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDNffd9lEkeLuOz9elEVmBBju8-82i_P4C7UKSxsFNT6yj7aZ8AoG7v7n702Bh_BfJU_f1w8yB4zAooRPqiMpa-0p2jTcJJ

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Jul 2022 18:41:31 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDNffd9lEkeLuOz9elEVmBBju8-82i_P4C7UKSxsFNT6yj7aZ8AoG7v7n702Bh_BfJU_f1w8yB4zAooRPqiMpa-0p2jTcJJ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: -K-VulWXJEmhqKDGHlB_QQbVfbnUy12CcV6wrJ3tNqqKPIXZWipwig==

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 7A13 0
44 B 775ms
254ms Image
text/plain 54.64.231.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESELHPcDQ2jly7yPOGEEvfIEY&google_cver=1&google_push=ARnp8GADTRe2M5HMpaFLidE9Dj8PZ4u3113vEIzQpQ4HTXhfVcBhj-dABNwhw29tBaiKAzEe3dFZP2XuIKNznLOxNpkI1M-q--p1
Requested by: Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.231.104 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-231-104.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: awselb/2.0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 7A13
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESENklji2CByeVT3yqbRX1psY&google_cver=1&google_push=ARnp8GCRERW6SQh6WW1XhLKlrlewHUYq43v7Mv798Pk0yMq_4cfYBIEQgHUjTJq-UZTXQ1ImOkMCM2LjrEDWjR6jIuwhUBwo2-lR
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GCRERW6SQh6WW1XhLKlrlewHUYq43v7Mv798Pk0yMq_4cfYBIEQgHUjTJq-UZTX...

43 B
1 KB

78ms
26ms

Image
image/gif

141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GCRERW6SQh6WW1XhLKlrlewHUYq43v7Mv798Pk0yMq_4cfYBIEQgHUjTJq-UZTXQ1ImOkMCM2LjrEDWjR6jIuwhUBwo2-lR&gdpr_consent=&gdpr=

Protocol

HTTP/1.1

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:30 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Fri, 08 Jul 2022 18:41:31 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GCRERW6SQh6WW1XhLKlrlewHUYq43v7Mv798Pk0yMq_4cfYBIEQgHUjTJq-UZTXQ1ImOkMCM2LjrEDWjR6jIuwhUBwo2-lR&gdpr_consent=&gdpr=
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept
content-length: 271
x-content-type-options: nosniff

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7A13 0
12 B 30ms
28ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItDBP-35bbDVvTTDN_c1yM8ULj5WZ-aDNUeIBMqH-otCnxIkwPbn5qFnMpyEV167kf0WD3Eg

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15374167833468129461/728x90/ Frame 0614 4 KB
1 KB 70ms
24ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f20f65a10867616695b8f240166303c0376e91df1a7fc4d4bf6789f541fcc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 276161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1391
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 13:58:50 GMT
expires: Wed, 05 Jul 2023 13:58:50 GMT
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8EEF 0
622 B 135ms
64ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBF_m22niX3ogMgMnDir9FDKO9U7nSTBoxPx4chxwJBTKoGWNvs90NeAsV85Bij_D6xjKRU7afKdYqUfwLbFzLYWCfk3yuaOVgW6R6IbX4eHXdBdNkbS73u23UAdvDB4-r_zWs5-YOdXGup7OjUzZEYd1R5zbDJ0k-sJEQbtl13gusckJ1SDaeUBY0CaOuo3KF-mAvFwo1iaAybXjTs8bfqzkNHWECU15RjOcW9hXMoFURmBNxdHCGxHLNykBEghwjz1FfgVAOXBbqvO2Edpe-5Oxcz1yAOvdhcBKzgEKIN_igsKO60w6PGpu1pLpLG3Y3rr81Uf8DCIpESX2NGvwFWdDrk4MFizczF2suJYcwa-qSP6EXKEeAEO-Ba6Ty6HHGzNyi6mDBqsy4PTMLFNT059LQvb73CVjyuNtAcQjngZNmSI1BG-aLDfQO0YRHHXWUpWeJ7x2w0MU6K_tlqrQ0tzADlPG5NXhFKpqxdIAQFeOhAxcUOMEfXaI3izi_cD-8xMbavObxCLYVC3DV2i2zTmNaWUcEdPSPFIKNYOcNBHG76CrBC38sdQPU-JtO288GkVYe6yTNwtVbPJ_fhMzF0GOscyQc8NnLZVNmLVj9RItV-flPesdPGvD22Sn6Mp3fL_VclbmyRSjGXz_hVbyvMOduNR6ZSKv_8wL5eOwAEctg3sORbWRqhVjbcu5IrIoU4vy1h_CAyA0aZhYMGxN0IJ2O0Ge-cOrl1109uv1eEoqiJ2HDiq86rMWyKZ3sp3AS22qf-quHymq7dLAGI1KbbboXSi7WNdOf85dPvspm3n88ZOUh-IjjLpckpMykcbTG6ewf5GYC_al15iaEbMScF_k-wLuCrulWaylLDr18kpaLBtdyAb82C4OJgAeyPitDTIrqsy8y3NCUwUE66K968NF5pgfvxgYv3pIkUYYWtFQ-pgt8JHW10uY-WuaHvfh1VY3y_AYGv0o6dEcEj2WKqr8eg7kfWECJN2UG1HPm5kbOS9hUXHYg8jbtGXH-7JAl3qD9Y7SwBlHWa4irmtmC4XAHwM86VimrEa2deCEeg0hymqH2HP9eJK28_-4El0qwUq21qLXemddy3lGHL9mk9j15IQNApXJU7R76Q_Hb_AUfFtQCBN9SHnuNlzhE--39XO1LWOyYHDcPYjPkfPoCH2CZm4DUapKO9NcZqJyXpbGVRSNpFAO2yK0OpkbWSxgZSQBMCq3HiS8lBmn6VXCVBDQtcC13cTyK6mW7idIhPzHrnLYjx5AAuBh8jkmZ39fbCk3i8KJhDCqb795E-56Bkw&sai=AMfl-YRJTVbWOyl4gbWOIl7Wqr1lBDTVHj-R-xbg1jDsLDs0tIBK3D9Uphh69p0GVoq-RokLi8Xw_JBIo5dJEywIsY-DE4vrF2Ax6riJU8gw0z3fHzllvAVGw4VIV6S8rM9F_OWejMC9HPkCRX5Swv7rrJ82TGQRlW0Mhfz9OjQAkk73xeRW2fgDNvUves6sBJOCvWBWsXCGpaSitGrgqsJ4Hyvx&sig=Cg0ArKJSzAwV2Jhhi7eVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=130&cbvp=1&cstd=127&cisv=r20220706.83841&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 08 Jul 2022 18:41:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame 33E3 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:10:29 GMT

GET
H3 200 Asset_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame 64D4 1 KB
695 B 24ms
23ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_3.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2606aa711e586bfe1be8beb2a08289903cf5b87e7a53403dabf1eda1b8c0d177

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 236098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 656
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 06 Jul 2022 01:06:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 01:06:33 GMT

GET
H3 200 Asset_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame 64D4 3 KB
1 KB 25ms
24ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8c3e5e1d44aa8a15c7db3c62ebdad04d9ab76c7b8c24430596d9ac1957b583

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 236098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1341
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 06 Jul 2022 01:06:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 01:06:33 GMT

GET
H3 200 Asset_4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame 64D4 51 KB
19 KB 25ms
24ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_4.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6729d94c53fca9ac3b791dfc6ce13328fb3f313a472f86d52ebb8e0ae90496ed

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 236098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19815
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 06 Jul 2022 01:06:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 01:06:33 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15374167833468129461/728x90/css/ Frame 0614 497 B
290 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b97dd8a7deaa5deb5db189d2232c24ff1ef9364a85c6e4af58652f4acb3bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 13:58:50 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame 0614 60 KB
60 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62ac909c03d9849fe1bfd100483c096325c7b77b83d74e47f9bb3b9b71185511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:58:50 GMT
x-content-type-options: nosniff
age: 276161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61463
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 13:58:50 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame 0614 2 KB
2 KB 26ms
26ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c57c3c8bf23476c0db84136a9b39fc2201cb9a982eca4cea83889ff68d23f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 276160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1604
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 13:58:51 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame 0614 50 KB
50 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb15699b8ac25947f2e62253efbcd84f1b954478d0a440f57d53186797e1d1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 276160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51062
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 13:58:51 GMT

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame 0614 1 KB
1 KB 29ms
28ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3ebc2cee7a5b7b0a6babcc921f9afad143474933fc7171820c28f88270a7071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 276160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1396
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 13:58:51 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame 0614 8 KB
8 KB 27ms
26ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aec15f636c485f3f7cd334a15982cbe33e446aca7ac46a0271696ef26a05765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 276160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8159
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 13:58:51 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0614 105 KB
35 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Jul 2022 18:41:31 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/15374167833468129461/728x90/js/ Frame 0614 992 B
402 B 28ms
28ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f52f5aece8d04c4685806353fb7c9646225fcdd825d1ba36d50472e771da79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 373
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 13:58:50 GMT

GET
DATA 200
OK truncated
/ Frame 64D4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Asset_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame 64D4 3 KB
1 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8c3e5e1d44aa8a15c7db3c62ebdad04d9ab76c7b8c24430596d9ac1957b583

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 236098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1341
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 06 Jul 2022 01:06:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 01:06:33 GMT

GET
H3 200 Asset_4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame 64D4 51 KB
19 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_4.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6729d94c53fca9ac3b791dfc6ce13328fb3f313a472f86d52ebb8e0ae90496ed

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 236098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19815
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 06 Jul 2022 01:06:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 01:06:33 GMT

GET
H2 200 wp-emoji-release.min.js Show response
ymaillogin.net/wp-includes/js/ 18 KB
5 KB 49ms
49ms Script
application/x-javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ymaillogin.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5c3c4b20f3096c37f00d79fe0c4234f888926728ba3eddd94c8d6395266741f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
etag: "4705-621e2595-77a4895baa3958d9;gz-gzip"
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;40384bf0cb3c0da7cc084c0f68fc9792;2-259039-31;159e983e-89de-4af4-63e0-e2e395a7c174
x-middleton-display: staticcontent_sol
date: Fri, 08 Jul 2022 18:41:31 GMT
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response: 200
last-modified: Thu, 07 Jul 2022 00:01:14 GMT
server: nginx
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/x-javascript
cache-control: public, max-age=604800
x-ez-minify-js: 0.48% 18094 / 18181
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.3

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33E3 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ79FW3rIYpi9CJ2V3gP8m57QBQAAAAA4AeAEAg&bg=!d3SldDDNAAaYcLjmuHA7ACkAdvg8WoTVGppNuPteUi6j9rxlL3JNr_ZRWGNN0RmIe9R4ZtIZHd4PNAIAAABxUgAAAAFoAQcKAII6hZqbk11JreqNpEoLneoE0vH5yMaZQK8ffXFGDn953oTaE1h-J21h1dRc-WtQllkEsuYGOn_RnLW3Qw74DgkM093faoYywlBGcCtcBPUSKiWXJ4214dUI4pus99KdbYUzZL1YLSzlFNAr0vM5iQSCI0qfhinth8Vwxk_Qva3lMM_DmQLsIRUyntAMzagRuo-twUIJ2rCNm77CwW_tTxKRMffO7oSR5JfRrjjdeKPwjkOkoWzD86nWMEai63ddorCgHxG98wY-OEAnsj25uvoZg5xcmtdo6a429ctIZ1bwMZjDPttiSq98p--W6sQ7PFxn-GDUo1AWC-3e6ZYmAY40ZVtXSExwlv-5p4RBrt8CVk9h7ZGsShCvBcPdO2R0GHzjbUKUkFgxKOA5gtFMdt73aDVVIKMcWGqbOTio3x7DNjtbJQE-ZeCixpj7Xw0oQIf1SEYWM7KShvu3tKflYSSsKrGMTMucx8rjVsgteo5ekmmptz0O_ye_1QC9uoo3FSnyT8Lre6lDRGLSz5725SzuDxs690KqgmxGeJyNTciYdiYUOXMQ3bUnDd5IDwU9k_t2PLKp7Txg_Iqy1TXY2R4TByTaHZ5GweRpLgbUqbsnPEhKyCkKdvqCqIGXghe8xRasYQnpfXB3Fcf92nS4iuBOOgAZiGIQchwNRUqF0HDATFvnvTuIVQoTcCU2qv4eDXkogfexfqOKOK2TOBd2d5UVCXmtICqx2FHWqa4oWC5HNllXwAeGjwka5l-nvlXse33EdkOzgBOON4MgOQYb_mdqPlYayYafqYLrepfi_DhQJK2V5uvvxocUyY2bjNVetZvSQ3tOgR9F_xfjTL0n2EMAT7P5tLF5ny63kvWAxr__M2JIUrOzf_pMtiZnIjjcZVCFdPpfyIpHoqRdf3RUUKWa_l8828g76ktAiBbMOPEZNCDTrRB3ldJMaghdPvYc7OBzgH0hVNPUf-f8q_0cjcMfTVO1sE6tj-M3jiofhgj1qhd6yqE7ps-YzFc_cQNKidtgoKOwuyMRt4_ph1l_n1BXsQKQ7XDT9jVvGpU3mI_GqRxB7CMEzLoUL4emnpMd3F90LYLx0lXrIMRna2FEH6TXn3KX22r2L83kK1F0DM9QQWjdNfPkPPd_0BRG_hDtnLAAszF_n9pojzLl63tTfC2xMg

Requested by

Host: 484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8EEF 0
26 B 101ms
58ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBF_m22niX3ogMgMnDir9FDKO9U7nSTBoxPx4chxwJBTKoGWNvs90NeAsV85Bij_D6xjKRU7afKdYqUfwLbFzLYWCfk3yuaOVgW6R6IbX4eHXdBdNkbS73u23UAdvDB4-r_zWs5-YOdXGup7OjUzZEYd1R5zbDJ0k-sJEQbtl13gusckJ1SDaeUBY0CaOuo3KF-mAvFwo1iaAybXjTs8bfqzkNHWECU15RjOcW9hXMoFURmBNxdHCGxHLNykBEghwjz1FfgVAOXBbqvO2Edpe-5Oxcz1yAOvdhcBKzgEKIN_igsKO60w6PGpu1pLpLG3Y3rr81Uf8DCIpESX2NGvwFWdDrk4MFizczF2suJYcwa-qSP6EXKEeAEO-Ba6Ty6HHGzNyi6mDBqsy4PTMLFNT059LQvb73CVjyuNtAcQjngZNmSI1BG-aLDfQO0YRHHXWUpWeJ7x2w0MU6K_tlqrQ0tzADlPG5NXhFKpqxdIAQFeOhAxcUOMEfXaI3izi_cD-8xMbavObxCLYVC3DV2i2zTmNaWUcEdPSPFIKNYOcNBHG76CrBC38sdQPU-JtO288GkVYe6yTNwtVbPJ_fhMzF0GOscyQc8NnLZVNmLVj9RItV-flPesdPGvD22Sn6Mp3fL_VclbmyRSjGXz_hVbyvMOduNR6ZSKv_8wL5eOwAEctg3sORbWRqhVjbcu5IrIoU4vy1h_CAyA0aZhYMGxN0IJ2O0Ge-cOrl1109uv1eEoqiJ2HDiq86rMWyKZ3sp3AS22qf-quHymq7dLAGI1KbbboXSi7WNdOf85dPvspm3n88ZOUh-IjjLpckpMykcbTG6ewf5GYC_al15iaEbMScF_k-wLuCrulWaylLDr18kpaLBtdyAb82C4OJgAeyPitDTIrqsy8y3NCUwUE66K968NF5pgfvxgYv3pIkUYYWtFQ-pgt8JHW10uY-WuaHvfh1VY3y_AYGv0o6dEcEj2WKqr8eg7kfWECJN2UG1HPm5kbOS9hUXHYg8jbtGXH-7JAl3qD9Y7SwBlHWa4irmtmC4XAHwM86VimrEa2deCEeg0hymqH2HP9eJK28_-4El0qwUq21qLXemddy3lGHL9mk9j15IQNApXJU7R76Q_Hb_AUfFtQCBN9SHnuNlzhE--39XO1LWOyYHDcPYjPkfPoCH2CZm4DUapKO9NcZqJyXpbGVRSNpFAO2yK0OpkbWSxgZSQBMCq3HiS8lBmn6VXCVBDQtcC13cTyK6mW7idIhPzHrnLYjx5AAuBh8jkmZ39fbCk3i8KJhDCqb795E-56Bkw&sai=AMfl-YRJTVbWOyl4gbWOIl7Wqr1lBDTVHj-R-xbg1jDsLDs0tIBK3D9Uphh69p0GVoq-RokLi8Xw_JBIo5dJEywIsY-DE4vrF2Ax6riJU8gw0z3fHzllvAVGw4VIV6S8rM9F_OWejMC9HPkCRX5Swv7rrJ82TGQRlW0Mhfz9OjQAkk73xeRW2fgDNvUves6sBJOCvWBWsXCGpaSitGrgqsJ4Hyvx&sig=Cg0ArKJSzAwV2Jhhi7eVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=338&vt=11&dtpt=208&dett=3&cstd=127&cisv=r20220706.83841&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: ymaillogin.net
URL: https://ymaillogin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/169408/ Frame E7FA
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
https://cds.connatix.com/p/169408/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

1 MB
273 KB

41ms
20ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169408/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6f28183f085aa036da571b0e40ae8105ab8ffc825bc2cb8568c3d67b203d3a08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 12:38:11 GMT
age: 21219
etag: "62a6360aaef629039d5934b8e5bec32d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 279419

Redirect headers

location: https://cds.connatix.com/p/169408/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
date: Fri, 08 Jul 2022 18:41:31 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 271 B
491 B 80ms
20ms XHR
application/json 3.122.82.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.82.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-82-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 121a7895494cf562e623fea3fd368f7a796af3d9b3d971774f0909c6d2d8f94e

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 271
expires: 0

POST
H2 200 auction Show response
pb-server.ezoic.com/openrtb2/ 231 B
459 B 260ms
202ms XHR
application/json 3.122.82.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/openrtb2/auction
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.82.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-82-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4a74ee2d4d944d338cbdb14c57a0b066c0a8fc4aa85dde652e05f925acb8ac59

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:31 GMT
x-prebid: pbs-go/v0.208.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 231
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 80ms
24ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ymaillogin.net
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 140ms
59ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
113 B 138ms
58ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 191ms
111ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 237ms
157ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 188ms
109ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 191ms
112ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 182ms
103ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
112 B 159ms
81ms XHR
text/plain 35.157.236.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.236.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-236-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 161ms
81ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.0&cb=27523665127

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 115 KB
39 KB 232ms
231ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

14a87b946f52969d3d7aec711b327972c383504f008fcffdc219b1dd8be340d0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Jul 2022 18:41:31 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 073989b7-a6f6-452e-9585-13ac38a89acb
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ymaillogin.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST v1
hb-api.omnitagjs.com/hb-api/prebid/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 656ms
82ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ymaillogin.net
date: Fri, 08 Jul 2022 18:41:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
436 B 119ms
67ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbeff8fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 125ms
73ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbf028fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 122ms
70ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbf038fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 122ms
71ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbf058fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
76 B 120ms
69ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbf068fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 123ms
72ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbf078fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 131ms
80ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbf088fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 120ms
70ms XHR
application/json 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pubmatic,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ymaillogin.net
access-control-allow-credentials: true
cf-ray: 727af45cbf0a8fe9-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=4a19d3e3-8601-49d3-933e-416888a20e56&gdpr=&gdpr_consent=&us_privacy=

86 B
453 B

21ms
20ms

Image
image/png

3.122.82.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=4a19d3e3-8601-49d3-933e-416888a20e56&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Server: 3.122.82.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-82-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 86
vary: Origin
expires: 0

Redirect headers

location: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=4a19d3e3-8601-49d3-933e-416888a20e56&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 08 Jul 2022 18:41:31 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/169408/ Frame E7FA 0
47 KB 21ms
21ms Other
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169408/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 12:38:11 GMT
age: 21219
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/169408/ 58 KB
9 KB 22ms
22ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169408/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:31 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 12:38:11 GMT
age: 21219
etag: "b07e9f868d1c559a08538d3b52f384bc"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8890

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame E7FA 9 KB
6 KB 162ms
161ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=169408&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c577d899cf11a82e4a1d9754c7f3e861fe8eec57954953b8526e4a957cf89e09

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://ymaillogin.net
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5556

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ymaillogin.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 597ms
597ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=529423641215356&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C120x240%7C125x125%7C200x200%7C180x150%7C234x60%7C336x280%7C300x250%7C320x50%7C320x100&fluid=height&ifi=12&adks=3285869728&sfv=1-0-38&ecs=20220708&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C2%257C%26iid1%3D856839555128145%26eid%3D856839555128145%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1136%26sap%3D1136%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dymaillogin_net-large-billboard-2-856839555128145%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D240%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3456%2C3457%2C3458%2C3460%2C20%2C2310%2C2526%2C2527%2C2764%2C2765%2C3154%2C3455%2C17%2C19%2C20%2C2310%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3154%2C3455%26lb%3D260%26reqt%3D1657305691005&eri=1&sc=1&cookie=ID%3Da8d16c25366987fd%3AT%3D1657305686%3AS%3DALNI_MYErJS5Cz6UCBEYNln-coy9Hgj7FA&abxe=1&dt=1657305692024&lmt=1657305692&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=1080&adys=733&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x294&msz=336x280&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

26e519614b1ef070236a67f9e832104db04ad9de48bf5e96878d68cd544746b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9633
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 469ms
469ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=369371293406740&correlator=2766754328658271&eid=31068337%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=1254144%3A22499624399%2Cymaillogin_net-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=13&adks=3298124376&sfv=1-0-38&ecs=20220708&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D7700763979086073%26eid%3D7700763979086073%26t%3D134%26d%3D259039%26t1%3D134%26pvc%3D0%26ap%3D1132%26sap%3D1132%26as%3Drevenue%26plat%3D1%26bra%3Dmod42-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D9%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dymaillogin_net-box-2-7700763979086073%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10061%26asau%3D3153047221%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D70%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C20%2C2310%2C2526%2C2527%2C2763%2C2764%2C2765%2C3154%2C17%2C19%2C20%2C2310%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3154%26lb%3D200%26reqt%3D1657305691022&eri=1&sc=1&cookie=ID%3Da8d16c25366987fd%3AT%3D1657305686%3AS%3DALNI_MYErJS5Cz6UCBEYNln-coy9Hgj7FA&abxe=1&dt=1657305692040&lmt=1657305692&dlt=1657305686317&idt=254&biw=1600&bih=1200&adxs=485&adys=150&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fymaillogin.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=820x250&msz=250x250&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=516299598.1657305687&ga_sid=1657305687&ga_hid=1237728289&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c313ae5a9ea9178d0639bada0e06ef96ffcc236fef63d5db82517e55cdb7d060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10389
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ymaillogin.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insights.bin Show response
ins.connatix.com/2840843e614b9777cb810f2b794ae2a8/ Frame E7FA 72 B
316 B 189ms
123ms XHR
application/octet-stream 151.101.66.137

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/2840843e614b9777cb810f2b794ae2a8/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2027c336501c77ac2f79dce51e637bc07a2f3e862fceaad66352c33dbe74ffd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: gzip
last-modified: Wed, 04 May 2022 06:54:49 GMT
age: 624589
etag: "c9cb042379f392407f14d0d1f39daa1a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 80

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA37 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZSwdKiM1orwEiZtE9fAoBB7KxNByfWH3AC90VONwPliqPk4mbkRM-1X5_WsZqBnX_5-ltxgpeYAEsgMA5yw8gEhXnNApgiarh516PYLuDnI0W2uMtm2H1NmuttK4gLL6lpePie-SR7gB-&sai=AMfl-YRaKOGbHVjGec9kTcK3jpg6DaEfufoq9aYRDIvEYqigm-cv_pLbvZTptcHW7Mw9FHwbLEchAZGpxkByLrDnyfZmkIpRZngW8-7QAF0GBLp8aGE8m-WRhy_jxCsG&sig=Cg0ArKJSzOOBJaoZU5sREAE&cid=CAASF-Ro5rX4W1UN5nDGXgYiHh8VxDHia3TA&id=lidar2&mcvt=1000&p=192,1080,442,1380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=347099499&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657305691092&rpt=150&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame E7FA 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 300ms
300ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

03117defa5ce7ee9b870e66e2dcd0641497f1063cc6c0e3363dcb977f2da1d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28101
x-xss-protection: 0
server: sffe
etag: "1268 / 868 of 1000 / last-modified: 1657295114"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Jul 2022 18:41:32 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E7FA 0
0

GET
H2 200 5.png
img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/ 5 KB
5 KB 38ms
20ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: br
age: 3585327
etag: "WyY66hWo5OdoXuQtIRPU7kBpkP2OfioY7IdwgbKwCN4"
access-control-max-age: 86400
fastly-io-info: ifsz=5795 idim=59x61 ifmt=png ofsz=5076 odim=59x61 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 5081

POST g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame E7FA 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8EEF 42 B
0 66ms
66ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIrBA-h928JaqQhTxMLFGL1JMDIjISb4T25w7jgE5LleXe-lMlZbWdRxC0AH0hTWpuZcMs1Z-f-LZTk9BXcsXUktCaCFiYzxLka6UMu7izFJgS7_v03oeiksteiALFS7Z42zb0mUIU8g9C&sai=AMfl-YSymB4yRw942FWmt_w38cMsxuXLnq6BqrWCE92eRQ0PK2XZ1k8-pmJZQqAEAyOTR9Ege6Ln9UIuGprtZ30FSgefRLPIpgbXK3aloT4POESRELr3XhL5_Y9Q52pv&sig=Cg0ArKJSzD1-5WihYEIpEAE&cid=CAASJeRovmcajCveUAX_fdSUCgvdZ_AoVlz2_lgHOVSQjetbuwLA-Kg&id=lidar2&mcvt=1045&p=1110,436,1200,1164&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1144603186&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657305691077&rpt=206&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 18:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
42 B 25ms
24ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk5MTQ0MDA4OTExNDAyNyIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMzUsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:31 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame BA37 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E244 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 8EEF 0
0

GET
H2 200 prebid6.20.0-3.js Show response
cds.connatix.com/p/plugins/ 471 KB
123 KB 21ms
20ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid6.20.0-3.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19aa008de673ad3fe029942e7306efea84b9c8d39f564a119ef5a3e8da2ba70d

Request headers

Referer: https://ymaillogin.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
content-encoding: br
last-modified: Thu, 16 Jun 2022 09:12:00 GMT
age: 1934957
etag: "793dc262c0b49c31a7c1f2974621efac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 126110

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
19 B 26ms
25ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzA0NzMzNDkwOTA4NjczMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTkxLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzA0NzMzNDkwOTA4NjczMCIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTkxLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMwNDczMzQ5MDkwODY3MzAiLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoiZGl2LWdwdC1hZC15bWFpbGxvZ2luX25ldC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU5MSwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:31 GMT

GET
H2 200 army.gif Show response
ymaillogin.net/porpoiseant/ 0
19 B 24ms
24ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ymaillogin.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk5MTQ0MDA4OTExNDAyNyIsImRvbWFpbl9pZCI6IjI1OTAzOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXltYWlsbG9naW5fbmV0LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjU3MzA1Njg1LCJhZF9wb3NpdGlvbiI6MTEzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI2MTNmODcxMi1hZjk1LTQwZTMtNjhhNC0xY2YzOTcxMjcxYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE5OTE0NDAwODkxMTQwMjciLCJkb21haW5faWQiOiIyNTkwMzkiLCJ1bml0IjoiZGl2LWdwdC1hZC15bWFpbGxvZ2luX25ldC1ib3gtMS0wIiwidF9lcG9jaCI6MTY1NzMwNTY4NSwiYWRfcG9zaXRpb24iOjExMzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNjEzZjg3MTItYWY5NS00MGUzLTY4YTQtMWNmMzk3MTI3MWEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTkxNDQwMDg5MTE0MDI3IiwiZG9tYWluX2lkIjoiMjU5MDM5IiwidW5pdCI6ImRpdi1ncHQtYWQteW1haWxsb2dpbl9uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2NTczMDU2ODUsImFkX3Bvc2l0aW9uIjoxMTM1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjYxM2Y4NzEyLWFmOTUtNDBlMy02OGE0LTFjZjM5NzEyNzFhMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: ymaillogin.net
URL: https://ymaillogin.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-4y36-23y55-1y59-21y5d-24&cmbcb=86&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ymaillogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 18:41:32 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 07 Jul 2022 18:41:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb-api.omnitagjs.com
URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fymaillogin.net%2F&CanonicalUrl=https%3A%2F%2Fymaillogin.net%2F&PublisherDomain=https%3A%2F%2Fymaillogin.net

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=169408&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=169408&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZSwdKiM1orwEiZtE9fAoBB7KxNByfWH3AC90VONwPliqPk4mbkRM-1X5_WsZqBnX_5-ltxgpeYAEsgMA5yw8gEhXnNApgiarh516PYLuDnI0W2uMtm2H1NmuttK4gLL6lpePie-SR7gB-&sai=AMfl-YRaKOGbHVjGec9kTcK3jpg6DaEfufoq9aYRDIvEYqigm-cv_pLbvZTptcHW7Mw9FHwbLEchAZGpxkByLrDnyfZmkIpRZngW8-7QAF0GBLp8aGE8m-WRhy_jxCsG&sig=Cg0ArKJSzOOBJaoZU5sREAE&cid=CAASF-Ro5rX4W1UN5nDGXgYiHh8VxDHia3TA&id=lidartos&mcvt=1163&p=192,1080,442,1380&mtos=1163,1163,1163,1163,1163&tos=1163,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=347099499&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1657305691092&rpt=150&isd=0&lsd=0&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshqEuh7bco1QiTmZik0Xb7KBFnbDnhuP6JsFLUb1blIZvwdbxMe7ZBGW27fCAPo5xWZMRFAgrPtFb7coiq7h-LyTltXWopRjsZaYPxhx6eVbps5gq4CHiyz5Pl2pSuZRUkIfEUH0oKsAi9&sai=AMfl-YTu09d2ArcdZjL2__ZChNWW51H1IU9SGGyIAPPM8I4_-U6K_hAqLOUdH9fovk9Wkdfp_qc0O2CUWzwV&sig=Cg0ArKJSzAZifCWQrsQxEAE&cid=CAQSGwCNIrLMOrLAxxaw5R-UH-eA7R5kFOWbkzvYuRgB&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=2&adk=4030285474&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1657305687409&rpt=181&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIrBA-h928JaqQhTxMLFGL1JMDIjISb4T25w7jgE5LleXe-lMlZbWdRxC0AH0hTWpuZcMs1Z-f-LZTk9BXcsXUktCaCFiYzxLka6UMu7izFJgS7_v03oeiksteiALFS7Z42zb0mUIU8g9C&sai=AMfl-YSymB4yRw942FWmt_w38cMsxuXLnq6BqrWCE92eRQ0PK2XZ1k8-pmJZQqAEAyOTR9Ege6Ln9UIuGprtZ30FSgefRLPIpgbXK3aloT4POESRELr3XhL5_Y9Q52pv&sig=Cg0ArKJSzD1-5WihYEIpEAE&cid=CAASJeRovmcajCveUAX_fdSUCgvdZ_AoVlz2_lgHOVSQjetbuwLA-Kg&id=lidartos&mcvt=1135&p=1110,436,1200,1164&mtos=1135,1135,1135,1135,1135&tos=1135,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1144603186&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1657305691077&rpt=206&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Verdicts & Comments Add Verdict or Comment

291 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ymaillogin.net/	1970-01-20 04:21:47	Name: ezoadgid_259039 Value: -1
.ymaillogin.net/	1970-01-20 04:21:52	Name: ezoref_259039 Value:
.ymaillogin.net/	1970-01-20 13:07:21	Name: ezosuibasgeneris-1 Value: 11fa498f-9423-4c79-73ca-fc94cd4927d9
.ymaillogin.net/	1970-01-20 04:21:52	Name: ezoab_259039 Value: mod42-c
.ymaillogin.net/	1970-01-20 04:24:38	Name: active_template::259039 Value: pub_site.1657305685
.ymaillogin.net/	1970-01-20 04:21:47	Name: ezopvc_259039 Value: 1
.ymaillogin.net/	1970-01-20 04:23:12	Name: ezepvv Value: 59
.ymaillogin.net/	1970-01-20 04:21:47	Name: ezovid_259039 Value: 1882544111
.ymaillogin.net/	1970-01-20 04:21:47	Name: lp_259039 Value: https://ymaillogin.net/
.ymaillogin.net/	1970-01-20 04:24:38	Name: ezovuuidtime_259039 Value: 1657305686
.ymaillogin.net/	1970-01-20 04:21:47	Name: ezovuuid_259039 Value: 6bedc1e7-be7b-4d5b-6c33-97505433df3d
ymaillogin.net/	1970-01-22 17:40:57	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
ymaillogin.net/	1970-01-22 17:40:57	Name: ezohw Value: w%3D1600%2Ch%3D1200
.quantserve.com/	1970-01-20 13:52:00	Name: mc Value: 62c87a56-b18fd-4568e-6b09d
.ymaillogin.net/	1970-01-20 13:46:14	Name: __qca Value: P0-270941495-1657305686712
.ymaillogin.net/	1970-01-20 21:52:57	Name: _ga Value: GA1.2.516299598.1657305687
.ymaillogin.net/	1970-01-20 04:23:12	Name: _gid Value: GA1.2.1809713879.1657305687
.ymaillogin.net/	1970-01-20 04:21:45	Name: _gat_gtag_UA_156561478_1 Value: 1
.doubleclick.net/	1970-01-20 13:43:21	Name: IDE Value: AHWqTUmU-UoMIb3wweNsK0YUXR6WOBzZSVBgHNZFSHZ_6w_r8MczsOQSx-cO53aa_SM
.doubleclick.net/	1970-01-20 04:21:49	Name: DSID Value: NO_DATA
.ymaillogin.net/	1970-01-20 13:43:21	Name: __gads Value: ID=a8d16c25366987fd:T=1657305686:S=ALNI_MYErJS5Cz6UCBEYNln-coy9Hgj7FA
ymaillogin.net/	1969-12-31 23:59:59	Name: ezouspvh Value: 300
.yandex.ru/	1970-01-23 19:57:45	Name: yuidss Value: 8010417441657305688
.yandex.ru/	1970-01-23 19:57:45	Name: yandexuid Value: 8010417441657305688
.everesttech.net/	1970-01-20 13:07:21	Name: everest_g_v2 Value: g_surferid~Ysh6WAAO1NfQdAA2
.mathtag.com/	1970-01-20 13:47:40	Name: uuid Value: c1c862c8-7a59-4400-baab-dffc507b7204
ymaillogin.net/	1969-12-31 23:59:59	Name: ezouspvv Value: 700
ymaillogin.net/	1969-12-31 23:59:59	Name: ezouspva Value: 3
.adnxs.com/	1970-01-20 06:31:21	Name: uuid2 Value: 3372002683936790545
.adnxs.com/	1970-01-20 06:31:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVToq()_!]tbPl1M>e)ZlrFUfJ+tGXxpSa^oPCOrVUP@JOXv<YD^VS3B:X]5.-Y%eG:%3If)y3KL9D3I?+V:Qf5N
.casalemedia.com/	1970-01-20 06:31:21	Name: CMPS Value: 1143
ymaillogin.net/	1970-01-20 05:04:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.casalemedia.com/	1970-01-20 13:07:21	Name: CMID Value: Ysh6W2eSkhQhCedGIwf4-gAA
.casalemedia.com/	1970-01-20 06:31:21	Name: CMTS Value: 5134
.casalemedia.com/	1970-01-20 06:31:21	Name: CMPRO Value: 5165
ymaillogin.net/	1970-01-20 13:07:21	Name: ezux_lpl_259039 Value: 1657305691535\|613f8712-af95-40e3-68a4-1cf3971271a0\|false
.mathtag.com/	1970-01-20 05:04:57	Name: mt_mop Value: 4:1657305691
.id5-sync.com/	1970-01-20 04:21:45	Name: cf Value:
.id5-sync.com/	1970-01-20 04:21:45	Name: cip Value:
.id5-sync.com/	1970-01-20 04:21:45	Name: cnac Value:
.id5-sync.com/	1970-01-20 04:21:45	Name: car Value:
.id5-sync.com/	1970-01-20 04:21:45	Name: gdpr Value:
.id5-sync.com/	1970-01-20 04:21:45	Name: callback Value:
.adnxs.com/	1970-01-20 06:31:21	Name: icu Value: ChgIkfo_EAoYASABKAEw2_ShlgY4AUABSAEQ2_ShlgYYAA..
.zemanta.com/	1970-01-20 13:07:21	Name: zuid Value: cGBNrc3MPecW1RLkvuA0
pb-server.ezoic.com/	1970-01-20 06:31:21	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNGExOWQzZTMtODYwMS00OWQzLTkzM2UtNDE2ODg4YTIwZTU2IiwiZXhwaXJlcyI6IjIwMjItMDctMjJUMTg6NDE6MzIuMTA0MTk0Nzg1WiJ9fSwiYmRheSI6IjIwMjItMDctMDhUMTg6NDE6MzIuMTA0MTg4NjExWiJ9

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/92716964203462656/index.html".
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://ymaillogin.net/ Message: Access to XMLHttpRequest at 'https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fymaillogin.net%2F&CanonicalUrl=https%3A%2F%2Fymaillogin.net%2F&PublisherDomain=https%3A%2F%2Fymaillogin.net' from origin 'https://ymaillogin.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fymaillogin.net%2F&CanonicalUrl=https%3A%2F%2Fymaillogin.net%2F&PublisherDomain=https%3A%2F%2Fymaillogin.net Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

484c5b5b9aa05bae0e39e1e8408f531a.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
api.fouanalytics.com
b1sync.zemanta.com
bidder.criteo.com
btlr.sharethrough.com
c.eu1.dyntrk.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cc.adingo.jp
cd.connatix.com
cds.connatix.com
cm.g.doubleclick.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb-server.ezoic.com
pixel-sync.sitescout.com
pixel.quantserve.com
prebid.a-mo.net
prebid.smilewanted.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssp.adriver.ru
sync-tm.everesttech.net
sync.inmobi.com
sync.mathtag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ymaillogin.net
capi-tier-1-us-east-2.connatix.com
hb-api.omnitagjs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
103.229.206.240
104.18.19.126
104.22.69.131
135.125.160.160
141.95.98.71
142.250.185.130
142.250.186.162
147.75.85.234
151.101.194.49
151.101.2.137
151.101.66.137
172.217.16.194
178.250.0.165
18.158.98.109
185.64.189.112
195.209.111.19
20.127.253.7
2600:9000:20eb:c800:2:cb38:840:93a1
2600:9000:2156:200:6:44e3:f8c0:93a1
2600:9000:223f:fe00:1b:5138:8a40:93a1
2606:4700:3036::ac43:c834
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a02:6b8::90
2a02:fa8:8806:13::1400
2a06:98c1:3121::3
3.122.82.31
35.157.236.110
35.186.253.211
37.252.172.36
51.89.9.253
54.64.231.104
64.74.236.255
66.155.71.149
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
03117defa5ce7ee9b870e66e2dcd0641497f1063cc6c0e3363dcb977f2da1d05
04e5c6c793e1605905735480e28ebc646d67e6d96116869c371797bdfdd92c19
0aec15f636c485f3f7cd334a15982cbe33e446aca7ac46a0271696ef26a05765
0b2e5f8700f5f1d9ba4b43b2968d8843ced7d2707186ed201c6426993025535d
0b6b9c4408576ac4d2ee39324a96d56f7b55e307daff0e2498db6dcd956ef0c9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd34152c5a3cf0d352008b0992f33900d5d8a664accc287de02df1443256536
0f657b4c9a6da3cc834bcb59c47956186b50507263488ad9d3412d72924fff89
10a54814460951eba9e31d24e93e2c5593251ca86d3c4cb787d2cc4c9e621d7f
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
121a7895494cf562e623fea3fd368f7a796af3d9b3d971774f0909c6d2d8f94e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14a87b946f52969d3d7aec711b327972c383504f008fcffdc219b1dd8be340d0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19aa008de673ad3fe029942e7306efea84b9c8d39f564a119ef5a3e8da2ba70d
1e18a6f2e50bbb307b883d5d16cbe135154c09bb9bdf6e626b2f30bf36ee869f
2027c336501c77ac2f79dce51e637bc07a2f3e862fceaad66352c33dbe74ffd0
204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587
2401b6c90334f69bca585263201ccddb9d34412d38acaa83251fc63346716a9d
2606aa711e586bfe1be8beb2a08289903cf5b87e7a53403dabf1eda1b8c0d177
26e519614b1ef070236a67f9e832104db04ad9de48bf5e96878d68cd544746b5
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2faf32d7620ccd1e19fd0e5a1203a31d9af925c23da00efcb2f128d931039899
34a37ff86f176a3175e1fbdb7f15e17974ebd486cf4edca7fc88a99c86908dbf
35f37cb0cd199aad82abda3d8a3a9cacdb3fbfbf2583f1fd461a03a56922e518
372a2b0be8222c651235bda1b58a6b86d257d49f7a2a7d7c2b9687b6be5b83ef
3d6e744db02d954acac6f1b9bb1efdd1e8973c93b4a77b9c39956e5dc30ecdd6
471be6c2f5c1084fa5af3db05877a6c725950d5fecbb46be9f2848b0ad90096b
47b673a21dc5ab539eb9025e770e537b5d004e4d1f9cc3992f846a09cb6a7bc0
49ada5fc05539ba4f639558acd6a09b25f0b1a69c9dc6d3d160d1272a703621d
4a74ee2d4d944d338cbdb14c57a0b066c0a8fc4aa85dde652e05f925acb8ac59
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb6d1f95e48c4769aaef4fb20d9244b5af3261cde7aba6e9e44f5118ca9b9b0
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d3d41ba4b1025341fdd77230efd3257e64fc2719e93824633cf30203db0b3ca
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
538a8ff1efcfd23c58a4e102ea4551d21eb72b046e10190fa3da92d997546016
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565c527fe8f92c8a9eadddf2a0e16eb40bbff31298fc67064f090e515f882b6b
57a54c7999f01c6e0d9521fd1295c391522dacf49a03b4bd37538faf0992a28f
57c57c3c8bf23476c0db84136a9b39fc2201cb9a982eca4cea83889ff68d23f8
57f20f65a10867616695b8f240166303c0376e91df1a7fc4d4bf6789f541fcc0
5a8a306473ea0a1d83d544bb78a895e58d3a0b797d3849a62685856effd18368
5c3c4b20f3096c37f00d79fe0c4234f888926728ba3eddd94c8d6395266741f7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5df1a7da21176a5d05be215757d963449179a96bb94521f112ab23a6bfb37fb2
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f36d3add46f6a425f70f833b75be801d705199e7dbfdb11e4de9a935082a1c4
5f52f5aece8d04c4685806353fb7c9646225fcdd825d1ba36d50472e771da79e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ac909c03d9849fe1bfd100483c096325c7b77b83d74e47f9bb3b9b71185511
62ec8b14109825f4ffc6f3dc1b905a8d8370ccf9789aaf591c7a39025fbbd5d5
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6729d94c53fca9ac3b791dfc6ce13328fb3f313a472f86d52ebb8e0ae90496ed
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d631a4b486637a0959079d4d061a66acc787eca432900391585640b15c6bac2
6f0f85d91c70e4c54276de816c0b41210924bf35873a095897a440c58ebe5c26
6f28183f085aa036da571b0e40ae8105ab8ffc825bc2cb8568c3d67b203d3a08
707df7b483d867af0cfa5daf5277afd2c5a37cd69dfc9250ae80457b33cd3bea
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
75c84c2ede0497e8eaaa80a3b296d91df4e7cf0509f6b25645a9240cc0ca620a
75fc743fdeb23b91eb728f24a6a261e95f3e6d0fe1c97f73c8c0e1faca57dc60
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7cb23295b64d9ea81f495636a28be051dd35e8bee7bf469b33c1f377e2a42f7c
809a245f9ce120fa13e2778e40c344cba66b787f0019b6b0dad54f4bb5eb5515
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b97dd8a7deaa5deb5db189d2232c24ff1ef9364a85c6e4af58652f4acb3bf3
9985c301f7885d96399ac119bc6d467c238fb7274a1f6cd39ff36521b696c3a9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a8b01e50d2e38da531218860be5975e9d1ac71695edc72e3fc5afc53a6ea9f
a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029
a6eeb792a60d78b85c511c74d797e0e3b2f35fcdf096ae56d06c1fd2968889cb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8070ffcc966d6804e1f0de36c24d5666f67bc8b70c0003bd9034b68181558dd
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d560e45d8aa1294289023f77641f0908548dc701534883c3987f6db4b63a0d
b98b086ba4ad8110fba7fcb3bf7f9873d52d7156da37d7ebeb72fc33963cb465
bb8c3e5e1d44aa8a15c7db3c62ebdad04d9ab76c7b8c24430596d9ac1957b583
bf1e4f9a8f171d81cbd7181c98bfdb3d26720ddab2437f9d7b011de589e92ba4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c313ae5a9ea9178d0639bada0e06ef96ffcc236fef63d5db82517e55cdb7d060
c577d899cf11a82e4a1d9754c7f3e861fe8eec57954953b8526e4a957cf89e09
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb15699b8ac25947f2e62253efbcd84f1b954478d0a440f57d53186797e1d1f1
d35de65c2878a10c1945fceb57a32346606d0225fca6bc1d9a801ab1dad60b32
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
ebb8e8964b5b86218a37d73f701503ff287126d5573b27c20b654bcb2f5f8044
ec8fc63c7ceea244d1f390126b2489575378699a2da32f7933a42361797f9fce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4a5a857063cebdf7f370c45e2b96ac22d9299619aeb8965aca316ac377dab6
eff710c2e6e1889c23e3ff5884bb3bb3dddf617a46e1ec1fd929fa4bcb94c3d4
f19b386d1db7432eda631fe231e05332af0e4a2774a5e9b99c13a25f873c57d2
f3ebc2cee7a5b7b0a6babcc921f9afad143474933fc7171820c28f88270a7071
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff2837d2bc293f8f3d6d054be602f207cce3ef0bb584d40fc1aec16c4c4341bb

ymaillogin.net Open in urlscan Pro 18.158.98.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

90 %HTTPS

48 %IPv6

41 Domains

56 Subdomains

41 IPs

9 Countries

2225 kBTransfer

6401 kBSize

46 Cookies

7 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ymaillogin.net Open in urlscan Pro
18.158.98.109 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

90 %
HTTPS

48 %
IPv6

41
Domains

56
Subdomains

41
IPs

9
Countries

2225 kB
Transfer

6401 kB
Size

46
Cookies

226 HTTP transactions
7 data transactions